You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Tim Davidson <ti...@greenhatconsulting.com> on 2003/08/05 14:29:18 UTC

Preventing access to a directory

Hi,
	how can we prevent access to a set of JSP's inside a specific directory?
	aparrently there is a directory tag for server.xml?
thanks in advance.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: Preventing access to a directory

Posted by Tim Funk <fu...@joedog.org>.

To prevent directlory listings:
http://jakarta.apache.org/tomcat/faq/misc.html#listing

To prevent individual access to jsps, use web.xml and a security constraint.

-Tim

Tim Davidson wrote:
> Hi,
> 	how can we prevent access to a set of JSP's inside a specific directory?
> 	aparrently there is a directory tag for server.xml?
> thanks in advance.
>  


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: Preventing access to a directory

Posted by Zach Gatu <zk...@tminusone.fsnet.co.uk>.

Either use a filter (http://java.sun.com/products/servlet/Filters.html)
or password-protect them using the <security-constraint> tag in your web 
application's web.xml file.

see http://java.sun.com/j2ee/1.4/docs/tutorial/doc/Security.html#wp79663

Zach.

Tim Davidson wrote:

> Hi,
> 	how can we prevent access to a set of JSP's inside a specific directory?
> 	aparrently there is a directory tag for server.xml?
> thanks in advance.
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 
>

Re: Preventing access to a directory

Posted by Zach Gatu <zk...@tminusone.fsnet.co.uk>.

Either use a filter (http://java.sun.com/products/servlet/Filters.html)
or password-protect them using the <security-constraint> tag in your web 
application's web.xml file.

see http://java.sun.com/j2ee/1.4/docs/tutorial/doc/Security.html#wp79663

Zach.

Tim Davidson wrote:

> Hi,
> 	how can we prevent access to a set of JSP's inside a specific directory?
> 	aparrently there is a directory tag for server.xml?
> thanks in advance.
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: Preventing access to a directory

Posted by Tim Funk <fu...@joedog.org>.

To prevent directlory listings:
http://jakarta.apache.org/tomcat/faq/misc.html#listing

To prevent individual access to jsps, use web.xml and a security constraint.

-Tim

Tim Davidson wrote:
> Hi,
> 	how can we prevent access to a set of JSP's inside a specific directory?
> 	aparrently there is a directory tag for server.xml?
> thanks in advance.
>