Different Authentication Requirements Based On Connector, Port or Protocol?

[Daniel Rigal <da...@jaikudo.com>]

Hi,

We have a Tomcat server (without Apache HTTP server) serving on two
ports, 8080 and 8443 (HTTP and HTTPS respectively) using two connectors
as described in the various Tomcat SSL FAQs.

What I want to do is require users coming in on port 8443 (from the
internet) to pass basic user authentication before they can access
anything while still allowing our internal users on port 8080 (which
will not be accessible from the internet) access without authentication.
Basically, I am trying to make a secure extranet the lazy way without
annoying the existing intranet users.

Can anybody suggest a reasonably easy way to do this? At first I was
thinking that I could just put a url-pattern inside a
security-constraint in web.xml but I realised that this does not operate
on the full URL so I could not filter by port number or protocol here.

Thanks,

Daniel.
-- 
Daniel Rigal MSc.
Systems Administrator - Jai Kudo IT Support Team.



This message has been scanned for viruses by MessageLabs.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org