Mod_jk and Security

[Dave Morrow <da...@autodata.net>]

Hi all.  I have a website running under Tomcat 5.5.9

I would like to use mod_jk to allow Apache to serve all static content however, I cannot figure out how to serve this content only if the user has already logged into the application.  This application uses Tomcat sessions.

Anyone have experience in this?


David A. Morrow
Technical Systems Lead
Autodata Solutions Company
David.Morrow@Autodata.Net
http://www.autodata.net

NEW !!! Tel: (519) 963-3020
Fax: (519) 451-6615 

< Poor planning on your part does not necessarily constitute an emergency on my part! >

This message has originated from Autodata Solutions. The attached material is the Confidential and Proprietary Information of Autodata Solutions. This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please delete this message and notify the Autodata system administrator at Administrator@autodata.net <ma...@autodata.net>

Re: Mod_jk and Security

[Bill Barker <wb...@wilshire.com>]

Of course the simplest is to forward all protected content to Tomcat.  If 
you are using Form auth, this is pretty much your only option.  It would be 
a nice feature for (currently vapor-ware) AJP/1.4 however.

Otherwise, you have to configure the authorization in both Tomcat and Apache 
in parallel (and maintain them yourself :).

"Dave Morrow" <da...@autodata.net> wrote in message 
news:07472729F6E15741B5DB63A38733D989030B5884@exchange.london.autodata.net...
Hi all.  I have a website running under Tomcat 5.5.9

I would like to use mod_jk to allow Apache to serve all static content 
however, I cannot figure out how to serve this content only if the user has 
already logged into the application.  This application uses Tomcat sessions.

Anyone have experience in this?


David A. Morrow
Technical Systems Lead
Autodata Solutions Company
David.Morrow@Autodata.Net
http://www.autodata.net

NEW !!! Tel: (519) 963-3020
Fax: (519) 451-6615

< Poor planning on your part does not necessarily constitute an emergency on 
my part! >

This message has originated from Autodata Solutions. The attached material 
is the Confidential and Proprietary Information of Autodata Solutions. This 
email and any files transmitted with it are confidential and intended solely 
for the use of the individual or entity to whom they are addressed. If you 
have received this email in error please delete this message and notify the 
Autodata system administrator at Administrator@autodata.net 
<ma...@autodata.net>





---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: Mod_jk and Security

[ALEX HYDE <al...@btinternet.com>]

I'm abstracting it to a db with a timeout included.
That way both Tomcat and Apache can check for a valid
user. 

--- Dave Morrow <da...@autodata.net> wrote:

> Hi all.  I have a website running under Tomcat 5.5.9
> 
> I would like to use mod_jk to allow Apache to serve
> all static content however, I cannot figure out how
> to serve this content only if the user has already
> logged into the application.  This application uses
> Tomcat sessions.
> 
> Anyone have experience in this?
> 
> 
> David A. Morrow
> Technical Systems Lead
> Autodata Solutions Company
> David.Morrow@Autodata.Net
> http://www.autodata.net
> 
> NEW !!! Tel: (519) 963-3020
> Fax: (519) 451-6615 
> 
> < Poor planning on your part does not necessarily
> constitute an emergency on my part! >
> 
> This message has originated from Autodata Solutions.
> The attached material is the Confidential and
> Proprietary Information of Autodata Solutions. This
> email and any files transmitted with it are
> confidential and intended solely for the use of the
> individual or entity to whom they are addressed. If
> you have received this email in error please delete
> this message and notify the Autodata system
> administrator at Administrator@autodata.net
> <ma...@autodata.net>
> 
> 



		
___________________________________________________________ 
To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org