Re: Context Path for a subdirectory

Thu, 29 Nov 2012 13:13:30 -0800 

On 11/29/2012 12:32 PM, Leo Donahue - RDSA IT wrote:

-----Original Message----- From: Mark Eggers
[mailto:its_toas...@yahoo.com] Sent: Thursday, November 29, 2012
1:12 PM To: Tomcat Users List Subject: Re: Context Path for a
subdirectory

On 11/29/2012 11:41 AM, Leo Donahue - RDSA IT wrote:

Reading the docs:
http://tomcat.apache.org/tomcat-7.0-doc/config/context.html

"..The web application used to process each HTTP request is
selected by

Catalina based on matching the longest possible prefix of the
Request URI against the context path of each defined Context."


If I have a webapp, with a www directory, and in that www
directory are

other directories, how would I restrict access to one of those
subdirectories to the localhost?


webapps webapp1 -WEB-INF -classes -lib -www -directory1
-directory2

Is the context path of directory1:  /webapp1/directory1

Would I create a context named directory1.xml such as the
following?

<?xml version="1.0" encoding="UTF-8"?> <Context
antiResourceLocking="false" privileged="true"
path="/webapp1/directory1">

<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" /> </Context>


Leo


How about:

http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html

In particular:


http://tomcat.apache.org/tomcat-7.0-
doc/config/filter.html#Remote_Address_Filter


Although as has been discussed previously on the mailing list, the
regular expression is a bit simplistic.

. . . . just my two cents. /mde/



Thank you Mark.

I realized the first reply I got might be why not try it, my
question, which I did, and of course I had it wrong.

I thought of security-constraint right after I clicked send, but the
filter will also work.

http://planning.maricopa.gov/rest - needed to restrict access to one
directory of that webapp.  It's a third party app, but our data.

Leo
I guess you're referring to an ip-constraint element inside the security-constraint element? 

Something like:

   <security-constraint>
     <web-resource-collection>
       <url-pattern>/*</url-pattern>
     </web-resource-collection>
     <ip-constraint>127.0.0.1</ip-constraint>
     <ip-constraint>192.168.1.0/24</ip-constraint>
   </security-constraint>

From glancing around on the web, this looks like it's Resin - specific.
I didn't see ip-constraint in the 2.5 xsd or in the 3.0 xsd. If it's not standard, I doubt it will make it into Tomcat. I'm sure one of the committers (just a happy user here) will correct me if I'm wrong. 

. . . . just my two cents
/mde/


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to