You might think about using Apache HTTP server to proxy (mod_proxy) the external traffic back to your tomcat instance on ports 80 (80 <->8080) & 443 (443<->8443). I've run into situations where ports other than the "standard" 80 & 443 are blocked by corporate firewalls. You might be able to use apache to do the authentication that way too. Just my 2 cents.
--Dan -----Original Message----- From: Daniel Rigal [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 25, 2005 9:09 AM To: tomcat-user@jakarta.apache.org Subject: Different Authentication Requirements Based On Connector, Port or Protocol? Hi, We have a Tomcat server (without Apache HTTP server) serving on two ports, 8080 and 8443 (HTTP and HTTPS respectively) using two connectors as described in the various Tomcat SSL FAQs. What I want to do is require users coming in on port 8443 (from the internet) to pass basic user authentication before they can access anything while still allowing our internal users on port 8080 (which will not be accessible from the internet) access without authentication. Basically, I am trying to make a secure extranet the lazy way without annoying the existing intranet users. Can anybody suggest a reasonably easy way to do this? At first I was thinking that I could just put a url-pattern inside a security-constraint in web.xml but I realised that this does not operate on the full URL so I could not filter by port number or protocol here. Thanks, Daniel. -- Daniel Rigal MSc. Systems Administrator - Jai Kudo IT Support Team. This message has been scanned for viruses by MessageLabs. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
