You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Dave Morrow <da...@autodata.net> on 2005/12/21 21:19:43 UTC
Mod_jk and Security
Hi all. I have a website running under Tomcat 5.5.9
I would like to use mod_jk to allow Apache to serve all static content however, I cannot figure out how to serve this content only if the user has already logged into the application. This application uses Tomcat sessions.
Anyone have experience in this?
David A. Morrow
Technical Systems Lead
Autodata Solutions Company
David.Morrow@Autodata.Net
http://www.autodata.net
NEW !!! Tel: (519) 963-3020
Fax: (519) 451-6615
< Poor planning on your part does not necessarily constitute an emergency on my part! >
This message has originated from Autodata Solutions. The attached material is the Confidential and Proprietary Information of Autodata Solutions. This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please delete this message and notify the Autodata system administrator at Administrator@autodata.net <ma...@autodata.net>
Re: Mod_jk and Security
Posted by Bill Barker <wb...@wilshire.com>.
Of course the simplest is to forward all protected content to Tomcat. If
you are using Form auth, this is pretty much your only option. It would be
a nice feature for (currently vapor-ware) AJP/1.4 however.
Otherwise, you have to configure the authorization in both Tomcat and Apache
in parallel (and maintain them yourself :).
"Dave Morrow" <da...@autodata.net> wrote in message
news:07472729F6E15741B5DB63A38733D989030B5884@exchange.london.autodata.net...
Hi all. I have a website running under Tomcat 5.5.9
I would like to use mod_jk to allow Apache to serve all static content
however, I cannot figure out how to serve this content only if the user has
already logged into the application. This application uses Tomcat sessions.
Anyone have experience in this?
David A. Morrow
Technical Systems Lead
Autodata Solutions Company
David.Morrow@Autodata.Net
http://www.autodata.net
NEW !!! Tel: (519) 963-3020
Fax: (519) 451-6615
< Poor planning on your part does not necessarily constitute an emergency on
my part! >
This message has originated from Autodata Solutions. The attached material
is the Confidential and Proprietary Information of Autodata Solutions. This
email and any files transmitted with it are confidential and intended solely
for the use of the individual or entity to whom they are addressed. If you
have received this email in error please delete this message and notify the
Autodata system administrator at Administrator@autodata.net
<ma...@autodata.net>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Mod_jk and Security
Posted by ALEX HYDE <al...@btinternet.com>.
I'm abstracting it to a db with a timeout included.
That way both Tomcat and Apache can check for a valid
user.
--- Dave Morrow <da...@autodata.net> wrote:
> Hi all. I have a website running under Tomcat 5.5.9
>
> I would like to use mod_jk to allow Apache to serve
> all static content however, I cannot figure out how
> to serve this content only if the user has already
> logged into the application. This application uses
> Tomcat sessions.
>
> Anyone have experience in this?
>
>
> David A. Morrow
> Technical Systems Lead
> Autodata Solutions Company
> David.Morrow@Autodata.Net
> http://www.autodata.net
>
> NEW !!! Tel: (519) 963-3020
> Fax: (519) 451-6615
>
> < Poor planning on your part does not necessarily
> constitute an emergency on my part! >
>
> This message has originated from Autodata Solutions.
> The attached material is the Confidential and
> Proprietary Information of Autodata Solutions. This
> email and any files transmitted with it are
> confidential and intended solely for the use of the
> individual or entity to whom they are addressed. If
> you have received this email in error please delete
> this message and notify the Autodata system
> administrator at Administrator@autodata.net
> <ma...@autodata.net>
>
>
___________________________________________________________
To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org