actually the performance is better as you have control over what is being accessed, who is accessing and you dont have to play games with external http servers such as IIS / Apache
M- This e-mail communication and any attachments may contain confidential and privileged information for the use of the designated recipients named above. If you are not the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents ----- Original Message ----- From: "Caldarale, Charles R" <[EMAIL PROTECTED]> To: "Tomcat Users List" <users@tomcat.apache.org> Sent: Thursday, November 02, 2006 10:31 AM Subject: RE: Multiple paths to one application > From: Peter Neu [mailto:[EMAIL PROTECTED] > Subject: AW: Multiple paths to one application > > My problem is that I have parts of my application which are > restricted and I just want to filter the path requests with > the httpd server which sits in front of tomcat so that I > don't to configure any additional realms. For Tomcat, a realm is a collection of authentication credentials and the necessary logic to manipulate them - it's not an access control mechanism. For that, you use path-based <security-constraint> declarations in your app's web.xml, as defined in section 12 of the Servlet spec. You don't need multiple realms for controlling access to different parts of an application. What are you using httpd for? If it's just for delivering static content, consider simplifying your life by getting rid of it and using Tomcat standalone. Performance is pretty much equivalent, these days. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]