|
Mike, You need to use Location containers to protect content served via a Java app server. The Location container works off of the URI which is really what you want to be looking at instead of the physical directory of the resource you're trying to deliver. It may be possible to use a directory container (you'd have to define one for the directory that the JSP get's compiled into) but that's just a silly way of doing things. Add this (with an appropriate URI) to your configuration file and you should be all set: <Location /uri/path/to/snoop.jsp > Require valid-user PasswdFile %%SYSTEM%% AuthType Basic AuthName dan </Location> Matt -----Original Message----- From: Mike Cunningham [mailto:MCUNNING@xxxxxxx] Sent: Thursday, February 17, 2005 3:13 PM To: web400@xxxxxxxxxxxx Subject: [WEB400] Apache and inprocess Tomcat security I am trying to setup an Apache server with an inprocess Tomcat server to run jsps, and set it up so that a user must authenticate using an iSeries userid/profile in order to run the jsp. I have the server configured and it can run the snoop.jsp code but it does not ask for a signon before running. If I try and access the index.html file I must signon first. Any ideas what I am doing wrong ? My server directory structure is htdocs conf java webapps logs work with the index in htdocs and the jsp in webapps/example I tried adding the webapps/example as a directory and restricted it but that did not help # Configuration originally created by Create HTTP Server wizard on Thu Feb 17 14:24:04 UTC 2005 LoadModule jk_module /QSYS.LIB/QHTTPSVR.LIB/QZTCJK.SRVPGM Listen *:81 DocumentRoot /www/dan/htdocs Options -ExecCGI -FollowSymLinks -SymLinksIfOwnerMatch -Includes -IncludesNoExec -Indexes -MultiViews LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%{Cookie}n \"%r\" %t" cookie LogFormat "%{User-agent}i" agent LogFormat "%{Referer}i -> %U" referer LogFormat "%h %l %u %t \"%r\" %>s %b" common CustomLog logs/access_log combined LogMaint logs/access_log 7 0 LogMaint logs/error_log 7 0 HotBackup Off SetEnvIf "User-Agent" "Mozilla/2" nokeepalive SetEnvIf "User-Agent" "JDK/1\.0" force-response-1.0 SetEnvIf "User-Agent" "Java/1\.0" force-response-1.0 SetEnvIf "User-Agent" "RealPlayer 4\.0" force-response-1.0 SetEnvIf "User-Agent" "MSIE 4\.0b2;" nokeepalive SetEnvIf "User-Agent" "MSIE 4\.0b2;" force-response-1.0 JkWorkersFile /www/dan/conf/workers.properties JkLogFile /www/dan/logs/jk.log JkLogLevel Error JkMount /example/* inprocess JkMount /servlet/* inprocess <Directory /> Order Deny,Allow Deny From all </Directory> <Directory /www/dan/htdocs> Order Allow,Deny Require valid-user Allow From all UserID %%CLIENT%% PasswdFile %%SYSTEM%% AuthType Basic AuthName dan </Directory> -- This is the Web Enabling the AS400 / iSeries (WEB400) mailing list To post a message email: WEB400@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/web400 or email: WEB400-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/web400.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.