Re: Configure read/write-access in TomCat

Mark Thomas wrote: On 20/08/2010 18:56, André Warnier wrote: Mark Thomas wrote: On 18/08/2010 13:32, André Warnier wrote: What do you mean by "write" ? There is nothing in tomcat itself which allows users to write anywhere on the server. I know I am coming late to this thread but to be pedan

Re: Configure read/write-access in TomCat

On 20/08/2010 18:56, André Warnier wrote: > Mark Thomas wrote: >> On 18/08/2010 13:32, André Warnier wrote: >>> What do you mean by "write" ? There is nothing in tomcat itself which >>> allows users to write anywhere on the server. >> >> I know I am coming late to this thread but to be pedantic th

Re: Configure read/write-access in TomCat

Mark Thomas wrote: On 18/08/2010 13:32, André Warnier wrote: What do you mean by "write" ? There is nothing in tomcat itself which allows users to write anywhere on the server. I know I am coming late to this thread but to be pedantic that is not correct. The above was written with the inte

Re: Configure read/write-access in TomCat

On 18/08/2010 13:32, André Warnier wrote: > What do you mean by "write" ? There is nothing in tomcat itself which > allows users to write anywhere on the server. I know I am coming late to this thread but to be pedantic that is not correct. Tomcat supports HTTP PUT (implemented in the default Se

Re: Configure read/write-access in TomCat

My project-name is "Server" - but I guess that your answer still is correct. Thanks! Den 19-08-2010 05:06, Christopher Schultz skrev: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mr. Andersen, On 8/18/2010 7:16 AM, K A wrote: user open part /Server/user/* use

Re: Configure read/write-access in TomCat

On Wed, Aug 18, 2010 at 8:06 PM, Christopher Schultz wrote: > I couldn't see if anyone actually answered your question, here, or just > argued about how well-documented conf/web.xml was. Wait, what, those aren't the same? :-) -- Hassan Schroeder hassan.schroe...@gmail

Re: Configure read/write-access in TomCat

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mr. Andersen, On 8/18/2010 7:16 AM, K A wrote: > > > user open part > /Server/user/* > > > > user > admin > > Your URL pattern is wrong: the URL should be relative to the context, not to the server. Presumably, your

Re: Configure read/write-access in TomCat

Caldarale, Charles R wrote: From: André Warnier [mailto:a...@ice-sa.com] Subject: Re: Configure read/write-access in TomCat the process by which Tomcat, for each deplayed webapp, first reads and "processes" the conf/web.xml, then reads and "processes" the applications

RE: Configure read/write-access in TomCat

> From: André Warnier [mailto:a...@ice-sa.com] > Subject: Re: Configure read/write-access in TomCat > the process by which Tomcat, for each deplayed webapp, first reads > and "processes" the conf/web.xml, then reads and "processes" the > applications WEB-

RE: Configure read/write-access in TomCat

>-Original Message- >From: André Warnier [mailto:a...@ice-sa.com] >Subject: Re: Configure read/write-access in TomCat > >Comments at end. > >Caldarale, Charles R wrote: > > Do you know anyone who actually likes to write documentation? > > >> André

Re: Configure read/write-access in TomCat

Comments at end. Caldarale, Charles R wrote: From: André Warnier [mailto:a...@ice-sa.com] Subject: Re: Configure read/write-access in TomCat Would you gurus mind pointing out where exactly ? Not sure what you want pointed out. I am looking at the online documentation of Tomcat 7, at http

RE: Configure read/write-access in TomCat

> From: André Warnier [mailto:a...@ice-sa.com] > Subject: Re: Configure read/write-access in TomCat > > Would you gurus mind pointing out where exactly ? Not sure what you want pointed out. > I am looking at the online documentation of Tomcat 7, at > http://tomcat.apache.

Re: Configure read/write-access in TomCat

18.08.2010 16:55, André Warnier: > Pid wrote: >> On 18/08/2010 14:56, Caldarale, Charles R wrote: >>>> From: André Warnier [mailto:a...@ice-sa.com] >>>> Subject: Re: Configure read/write-access in TomCat >>>> >>>> The conf/web.xml is the we

Re: Configure read/write-access in TomCat

Pid wrote: On 18/08/2010 14:56, Caldarale, Charles R wrote: From: André Warnier [mailto:a...@ice-sa.com] Subject: Re: Configure read/write-access in TomCat The conf/web.xml is the web.xml for the "default servlet". It's a bit more than that, actually. The contents of c

Re: Configure read/write-access in TomCat

On 18/08/2010 14:56, Caldarale, Charles R wrote: >> From: André Warnier [mailto:a...@ice-sa.com] >> Subject: Re: Configure read/write-access in TomCat >> >> The conf/web.xml is the web.xml for the "default servlet". > > It's a bit more than that

RE: Configure read/write-access in TomCat

> From: André Warnier [mailto:a...@ice-sa.com] > Subject: Re: Configure read/write-access in TomCat > > The conf/web.xml is the web.xml for the "default servlet". It's a bit more than that, actually. The contents of conf/web.xml are logically merged into a webapp

Re: Configure read/write-access in Tomcat

t;>> admin >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> admin >>> closed part >>> >>> /Server/a

Re: Configure read/write-access in TomCat

K A wrote: Ah, so the web.xaml in /tomcat/conf has nothing to do with the issue - it's only the web.xml in the project itself? The conf/web.xml is the web.xml for the "default servlet". The webapps/your-webapp/WEB-INF/web.xml is the one that dictates what happens when users access /your-webap

Re: Configure read/write-access in TomCat

K A wrote: Ah, so the web.xaml in /tomcat/conf has nothing to do with the issue - it's only the web.xml in the project itself? The conf/web.xml is the web.xml for the "default servlet". The webapps/your-webapp/WEB-INF/web.xml is the one that dictates what happens when users access /your-webap

Re: Configure read/write-access in TomCat

K A wrote: Oh, really? I just guessed that if the user could see the absolute url to used/available files in the application (jsp- or pdf-files) then it was also possible that the user could compromise the files in that directory, overwrite them or even save new files. But you state that users

RE: Configure read/write-access in TomCat

access the files in the actual directory unless the files are access through a servlet of jsp-page in this case? > Date: Wed, 18 Aug 2010 13:13:55 +0100 > From: p...@pidster.com > To: users@tomcat.apache.org > Subject: Re: Configure read/write-access in TomCat > > On 18/08/2010 1

RE: Configure read/write-access in TomCat

save new files in a directory. Then they can NOT do any of the other stated actions, right? Or have I misunderstood? Thanks! > Date: Wed, 18 Aug 2010 13:32:00 +0200 > From: a...@ice-sa.com > To: users@tomcat.apache.org > Subject: Re: Configure read/write-access in TomCat > > K

Re: Configure read/write-access in TomCat

> > admin > > > > > > > > FORM > > > > /Server/index.jsp > > /Server/index.jsp > > > > > > > > admin &

Re: Configure read/write-access in TomCat

K A wrote: Hello I've developed a web-application in which I'd like to have some control of which resources are accessed by whom. My project is called "Server" in which I've got 3 directories: "/user" which all roles are allowed to access, "/admin" which ONLY administrators are allowed to acce

RE: Configure read/write-access in TomCat

e: Configure read/write-access in TomCat > > On 18/08/2010 10:44, K A wrote: > > > > Hello > > > > I've developed a web-application in which I'd like to have some control of > > which resources are accessed by whom. My project is called "Server

Re: Configure read/write-access in TomCat

On 18/08/2010 10:44, K A wrote: > > Hello > > I've developed a web-application in which I'd like to have some control of > which resources are accessed by whom. My project is called "Server" in which > I've got 3 directories: "/user" which all roles are allowed to access, > "/admin" which ONLY

Configure read/write-access in TomCat

Hello I've developed a web-application in which I'd like to have some control of which resources are accessed by whom. My project is called "Server" in which I've got 3 directories: "/user" which all roles are allowed to access, "/admin" which ONLY administrators are allowed to access and "res