You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Torsten Römer <to...@luniks.net> on 2005/06/17 00:42:10 UTC
Container Managed Security and mod_jk/Static Contents
Hello!
In order to improve performance for static contents I have setup Apache
with mod_jk. Now only Struts' *.do requests are served by Tomcat, the
rest is done by Apache. Works fine.
Now I want to restrict access to some resources using using container
managed security. That also works fine, but, and that is now my question:
I also want to protect static contents, but that won't work with
container managed security, because these requests are handled by Apache
and don't even make it to Tomcat. Of course I could just mount the
contents to be protected to Tomcat, but then I'll lose the performance
advantage of having them served by Apache.
Do I have to live with that or do I have a stupid setup?
Torsten
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Container Managed Security and mod_jk/Static Contents
Posted by Torsten Römer <to...@luniks.net>.
Sorry, should have mentioned that. Using form based authentication.
Gurumoorthy schrieb:
> how do you authenticate ? basic ? form based ?
> ----- Original Message -----
> From: "Torsten Römer" <to...@luniks.net>
> To: "Tomcat Users List" <to...@jakarta.apache.org>
> Sent: Thursday, June 16, 2005 11:42 PM
> Subject: Container Managed Security and mod_jk/Static Contents
>
>
>>Hello!
>>
>>In order to improve performance for static contents I have setup Apache
>>with mod_jk. Now only Struts' *.do requests are served by Tomcat, the
>>rest is done by Apache. Works fine.
>>
>>Now I want to restrict access to some resources using using container
>>managed security. That also works fine, but, and that is now my question:
>>
>>I also want to protect static contents, but that won't work with
>>container managed security, because these requests are handled by Apache
>>and don't even make it to Tomcat. Of course I could just mount the
>>contents to be protected to Tomcat, but then I'll lose the performance
>>advantage of having them served by Apache.
>>
>>Do I have to live with that or do I have a stupid setup?
>>
>>Torsten
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Container Managed Security and mod_jk/Static Contents
Posted by Gurumoorthy <g....@btinternet.com>.
how do you authenticate ? basic ? form based ?
----- Original Message -----
From: "Torsten Römer" <to...@luniks.net>
To: "Tomcat Users List" <to...@jakarta.apache.org>
Sent: Thursday, June 16, 2005 11:42 PM
Subject: Container Managed Security and mod_jk/Static Contents
> Hello!
>
> In order to improve performance for static contents I have setup Apache
> with mod_jk. Now only Struts' *.do requests are served by Tomcat, the
> rest is done by Apache. Works fine.
>
> Now I want to restrict access to some resources using using container
> managed security. That also works fine, but, and that is now my question:
>
> I also want to protect static contents, but that won't work with
> container managed security, because these requests are handled by Apache
> and don't even make it to Tomcat. Of course I could just mount the
> contents to be protected to Tomcat, but then I'll lose the performance
> advantage of having them served by Apache.
>
> Do I have to live with that or do I have a stupid setup?
>
> Torsten
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org