Hi Rainer, yes, the JSP's should be served by Tomcat!
But Tomcat should not work as WebService, Tomcat is only an Engine behind IIS. The protection of the JSP Files should be realized in the NTFS ACL's... Regards, Jörg -----Ursprüngliche Nachricht----- Von: Rainer Jung [mailto:rainer.j...@kippdata.de] Gesendet: Freitag, 25. September 2009 09:07 An: Tomcat Users List Betreff: Re: Apache Tomcat, IIS, ISAPI On 25.09.2009 08:06, Buchner, Joerg [T0I] (VW Sachsen) wrote: > Hi, > > i've got an Problem. > We have an Microsoft IIS 6.0 with an Apache Tomcat 5.5.27 with IIS ISAPI > 1.2.28. > (AMD64). > > The Website use Integrated Windows Authentication. > > The SourceCode Files on the server are protected by ActiveDirectory Groups. > > All works fine. > > But now the problem. > > If a user request a html File then the IIS check the NTFS > Filesystempermissions. > That means, only users have access, which are in the security group on the > file system. > > But, if the same user request a jsp File, then there is no check on the > Filesystempermissons. > > That is not OK. > I'ld like to protect my JSP Files with NTFS Rights. > > Can anybody help me? The JSPs should be served by Tomcat, right? So IIS doesn't need to be able to see them or allowed to actually read them. So do you want to protect them in Tomcat? Regards, Rainer --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
