> From: Leo Donahue - RDSA IT [mailto:leodona...@mail.maricopa.gov] > Subject: RE: Context Path for a subdirectory
> what were my options to restrict access to just a subdirectory of a > web app in Tomcat 6.0.35? Using just spec-provided mechanisms, such access can be limited to specific users by including the appropriate security constraint elements in the webapp's WEB-INF/web.xml. The wrinkle you want is to limit by IP address, which is not a capability the servlet spec covers. > I'll admit, contexts are confusing to me. The main thing to remember is that each webapp (context) is expected to be physically separate from all other webapps. (This has nothing to do with the URLs used to access the webapps, just the location of the webapps in the server's file system, database, memory, paper tape, or whatever medium they're stored on.) > What is the right way to do this in Tomcat 6.0.35? Probably the easiest is just to pick up the filter from Tomcat 7 and use it in 6. The SecurityFilter from sourceforge might be able to do it, but I'm not sure (Chris should know). - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
