I don't know WebSphere in particular, but most servlet engines I am familiar
with do what you want about creating multiple instances of the same servlet when
you attach them to multiple names. For servlet API 2.2 or later, this behavior
is required. So, the only issue becomes the authentication side.
NES lets you protect a particular URL pattern (not just a file pathname) with an
access control list (ACL), so you could set up a separate one for each (using
the URLs you configured for your servlet instances). The ACLs should have
different realm names, and probably different definitions of allowed users. I
would probably define a group that has access to each instance, and then assign
all my users to the appropriate groups. This elegantly deals with the case
where one user might really need access to more than one instance. They'll need
to log on once per realm, but they will be allowed access if they are supposed
to.
See the NES server admin docs (and the Netscape web site) for more info on
setting up ACLs.
Craig McClanahan
PS: You might also want to keep in mind that passwords used in Basic
authentication are not encrypted and are sent with each request -- this might be
a security issue if your app runs on the Internet.
"Booth, Peter" wrote:
> Tyler,
>
> I really do want a separate servlet instance (with it's own
> data) for each channel name. I want different users to invoke
> different instances (on the same server) and use basic authentication
> (over HTTPS) to ensure that users cannot connect to other instances
>
> Has anyone done this?
>
> Peter
>
> > -----Original Message-----
> > From: TKV Tyler VanGorder [SMTP:[EMAIL PROTECTED]]
> > Sent: Friday, December 17, 1999 1:29 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Basic Authentication for distinct servlet instances
> >
> > Hi Peter,
> >
> > You might want to think about registering
> > a single servlet instance
> >
> > http://mywebserver/servlet/MyServlet
> >
> >
> > Then, have your user connect as:
> >
> > http://mywebserver/servlet/MyServlet/Channel1
> > http://mywebserver/servlet/MyServlet/Channel2
> > http://mywebserver/servlet/MyServlet/Channel3
> > http://mywebserver/servlet/MyServlet/Channel4
> >
> >
> > In your servlet, you can then use request.getPathInfo ()
> > to get the channel name and check security based on that.
> >
> > Tyler Van Gorder
> > [EMAIL PROTECTED]
> > Landacorp.
> >
> > >-----Original Message-----
> > >From: Booth, Peter [SMTP:[EMAIL PROTECTED]]
> > >Sent: 17 Dec 1999 9:15 AM
> > >To: [EMAIL PROTECTED]
> > >Subject: Basic Authentication for distinct servlet instances
> > >
> > >Does anyone have experience of using Basic Authentication
> > >to define access to individual servlet instances of the same
> > >servlet code?
> > >
> > >I am using WebSphere 1.1 & Netscape Enterprise Server 3.5.
> > >
> > >I would like to register multiple aliases (servlet instances)
> > >in my servlet.properties file that look like so:
> > >
> > >MyServletChannel1 com.csfb.gfx.servlets.ChannelServlet
> > >MyServletChannel2 com.csfb.gfx.servlets.ChannelServlet
> > >MyServletChannel3 com.csfb.gfx.servlets.ChannelServlet
> > >MyServletChannel4 com.csfb.gfx.servlets.ChannelServlet
> > >
> > >This means that a url http://mywebserver/servlet/MyServletChannel1
> > >refers to a different servlet instance, than
> > >http://mywebserver/servlet/MyServletChannel2
> > >with both instances having the same code.
> > >
> > >My question is - how can I configure basic authentication so that
> > >different users have access to MyServletChannel1 and MyServletChannel2 ?
> > >
> > >Peter Booth
> > >[EMAIL PROTECTED]
> > >
> > >This message is for the named person's use only. It may contain
> > >confidential, proprietary or legally privileged information. No
> > >confidentiality or privilege is waived or lost by any mistransmission.
> > >If you receive this message in error, please immediately delete it and
> > all
> > >copies of it from your system, destroy any hard copies of it and notify
> > the
> > >sender. You must not, directly or indirectly, use, disclose, distribute,
> > >print, or copy any part of this message if you are not the intended
> > >recipient. CREDIT SUISSE GROUP, CREDIT SUISSE FIRST BOSTON, and each of
> > >their subsidiaries each reserve the right to monitor all e-mail
> > >communications through its networks. Any views expressed in this message
> > >are those of the individual sender, except where the message states
> > >otherwise and the sender is authorised to state them to be the views of
> > >any such entity.
> > >
> > >_________________________________________________________________________
> > __
> > >To unsubscribe, send email to [EMAIL PROTECTED] and include in the
> > body
> > >of the message "signoff SERVLET-INTEREST".
> > >
> > >Archives: http://archives.java.sun.com/archives/servlet-interest.html
> > >Resources: http://java.sun.com/products/servlet/external-resources.html
> > >LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
> >
> > __________________________________________________________________________
> > _
> > To unsubscribe, send email to [EMAIL PROTECTED] and include in the
> > body
> > of the message "signoff SERVLET-INTEREST".
> >
> > Archives: http://archives.java.sun.com/archives/servlet-interest.html
> > Resources: http://java.sun.com/products/servlet/external-resources.html
> > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>
> This message is for the named person's use only. It may contain
> confidential, proprietary or legally privileged information. No
> confidentiality or privilege is waived or lost by any mistransmission.
> If you receive this message in error, please immediately delete it and all
> copies of it from your system, destroy any hard copies of it and notify the
> sender. You must not, directly or indirectly, use, disclose, distribute,
> print, or copy any part of this message if you are not the intended
> recipient. CREDIT SUISSE GROUP, CREDIT SUISSE FIRST BOSTON, and each of
> their subsidiaries each reserve the right to monitor all e-mail
> communications through its networks. Any views expressed in this message
> are those of the individual sender, except where the message states
> otherwise and the sender is authorised to state them to be the views of
> any such entity.
>
> ___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
