On Wed, Nov 17, 2004 at 11:34:48AM -0000, Chris Chappell wrote: : How can I protect static pages on my Tomcat powered site with username/role + : password information from my jdbc realm?
Use the standard roles/auth constraints in web.xml. See the servlet spec, or some random servlet/JSP articles/books, for details. : I have some help pages under /MyContext/help. I cannot find how to put them : under /MyContext/WEB-INF/help. : Anybody help? (There's only a few static pages, so it would be overkill to run : apache as well) Yes: don't put them under WEB-INF unless you want to write code to serve them yourself. =) By default, files under WEB-INF are *not* available for standard requests (HTTP/GET, HTTP/POST, etc). This prevents would-be miscreants from downloading the app's code and config files. -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
