Path: csiph.com!x330-a1.tempe.blueboxinc.net!newsfeed.hal-mli.net!feeder1.hal-mli.net!nx02.iad01.newshosting.com!newshosting.com!69.16.185.11.MISMATCH!npeer01.iad.highwinds-media.com!news.highwinds-media.com!feed-me.highwinds-media.com!post01.iad.highwinds-media.com!newsfe08.iad.POSTED!8ad76e89!not-for-mail
From: Arved Sandstrom <asandstrom3minus1@eastlink.ca>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.21) Gecko/20110831 Lightning/1.0b2 Thunderbird/3.1.13
MIME-Version: 1.0
Newsgroups: comp.lang.java.programmer
Subject: Re: How to block http access for selective URL's
References: <0f7e5dde-1651-4644-9a41-0145401f2b74@dk6g2000vbb.googlegroups.com>
In-Reply-To: <0f7e5dde-1651-4644-9a41-0145401f2b74@dk6g2000vbb.googlegroups.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Lines: 30
Message-ID: <hpghq.145$473.96@newsfe08.iad>
X-Complaints-To: abuse@newsgroups-download.com
NNTP-Posting-Date: Fri, 30 Sep 2011 09:58:37 UTC
Organization: Public Usenet Newsgroup Access
Date: Fri, 30 Sep 2011 06:58:37 -0300
Xref: x330-a1.tempe.blueboxinc.net comp.lang.java.programmer:8409

On 11-09-29 10:09 PM, zigzagdna wrote:
> I have several web sites under same installation of Apache Tomcat,
> e.g.,
> http://mycomputer.com/web-admin
> http://mycomputer.com/teamacces
> https://mycomputer.com/teamacces
> 
> 
> What I want to do is to disallow http access to 2nd URL, but allow
> http access to 1st URL. Where I look at server.xml, I can block http
> access for all web sites under mycomputer.com but that is not what I
> want, I still have to allow http access to 1st URL.
> Is there a way to do it, if yes, how?

Simply force the use of SSL for context /teamacces. That is what
'user-data-constraint', and 'transport-guarantee' of CONFIDENTIAL, are
for, in web.xml. Use that in combination with a web-resource-collection
covering that entire web app (since it appears that you're really
requiring that all of web app 'web-admin' is HTTP, and all of web app
'teamacces' is HTTPS).

This is not Tomcat server.xml kind of stuff. This is Servlet API web.xml
kind of stuff.

AHS
-- 
I tend to watch a little TV... Court TV, once in a while. Some of the
cases I get interested in.
-- O. J. Simpson