1) Get off of windows :) Or add the following to web.xml under $TOMCAT_HOME/conf, unless I'm mistaken that should cover all of the possible miss-cases of "jsp".
<servlet-mapping> <servlet-name>jsp</servlet-name> <url-pattern>*.Jsp</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>jsp</servlet-name> <url-pattern>*.JSp</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>jsp</servlet-name> <url-pattern>*.JsP</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>jsp</servlet-name> <url-pattern>*.JSP</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>jsp</servlet-name> <url-pattern>*.jSp</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>jsp</servlet-name> <url-pattern>*.jSP</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>jsp</servlet-name> <url-pattern>*.jsP</url-pattern> </servlet-mapping> 2) You'll probably have to do this in your application I think. If it were me I'd create a singleton class that stored a list of login attempts with ip address of the source, and prior to allowing some client to attempt login I'd check the list. --mikej -=----- mike jackson [EMAIL PROTECTED] > -----Original Message----- > From: Walid Mohamed Al Abbadi [mailto:[EMAIL PROTECTED]] > Sent: Thursday, May 30, 2002 3:24 PM > To: [EMAIL PROTECTED] > Subject: Need Help plz > > > > Hi , > > i need help please in two subjects .. My problems are what > configuration I should have to do in the server to prevent: > > 1) Prohibit downloading the *.jsp files from any client on the > internet... [ I noticed that if I wrote the URL of my site ending with > myFile.JSP [ JSP in Capital letters] the page not opened ! , but the > server offered me to download the file it self ! ..Which I > don’t want > any user knows this property to download my own source-code jsp files! > > 2) My application is depend on a password authentication , which > I don’t want any cracker to keep trying usernames/passwords for > many tries .. How should I tell the server to block an ip after 3 times > tries [for example] and for how long this ip will be blocked! > > are thses problems related with the Apache server or Tomcat > serve or both > of them !!.. does anyone face like these problems ?! > > > Java_lover : Walid > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>