Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.java.programmer > #8409

Re: How to block http access for selective URL's

Show all headers | View raw

On 11-09-29 10:09 PM, zigzagdna wrote:
> I have several web sites under same installation of Apache Tomcat,
> e.g.,
> http://mycomputer.com/web-admin
> http://mycomputer.com/teamacces
> https://mycomputer.com/teamacces
> 
> 
> What I want to do is to disallow http access to 2nd URL, but allow
> http access to 1st URL. Where I look at server.xml, I can block http
> access for all web sites under mycomputer.com but that is not what I
> want, I still have to allow http access to 1st URL.
> Is there a way to do it, if yes, how?

Simply force the use of SSL for context /teamacces. That is what
'user-data-constraint', and 'transport-guarantee' of CONFIDENTIAL, are
for, in web.xml. Use that in combination with a web-resource-collection
covering that entire web app (since it appears that you're really
requiring that all of web app 'web-admin' is HTTP, and all of web app
'teamacces' is HTTPS).

This is not Tomcat server.xml kind of stuff. This is Servlet API web.xml
kind of stuff.

AHS
-- 
I tend to watch a little TV... Court TV, once in a while. Some of the
cases I get interested in.
-- O. J. Simpson

Back to comp.lang.java.programmer | Previous | Next — Previous in thread | Find similar

Thread

How to block http access for selective URL's zigzagdna <zigzagdna@yahoo.com> - 2011-09-29 18:09 -0700
  Re: How to block http access for selective URL's Jaap Droogers <JaapDroogers@unusable.meel.homelinux.net> - 2011-09-30 10:52 +0200
  Re: How to block http access for selective URL's Arved Sandstrom <asandstrom3minus1@eastlink.ca> - 2011-09-30 06:58 -0300

csiph-web