Mike,

You need to use Location containers to protect content served via a Java app 
server. The Location container works off of the URI which is really what you 
want to be looking at instead of the physical directory of the resource you're 
trying to deliver. It may be possible to use a directory container (you'd have 
to define one for the directory that the JSP get's compiled into) but that's 
just a silly way of doing things. Add this (with an appropriate URI) to your 
configuration file and you should be all set:

<Location /uri/path/to/snoop.jsp >
   Require valid-user
   PasswdFile %%SYSTEM%%
   AuthType Basic
   AuthName dan
</Location>

Matt
-----Original Message-----
From: Mike Cunningham [mailto:MCUNNING@xxxxxxx]
Sent: Thursday, February 17, 2005 3:13 PM
To: web400@xxxxxxxxxxxx
Subject: [WEB400] Apache and inprocess Tomcat security


I am trying to setup an Apache server with an inprocess Tomcat server to
run jsps, and set it up so that a user must authenticate using an
iSeries userid/profile in order to run the jsp. I have the server
configured and it can run the snoop.jsp code but it does not ask for a
signon before running. If I try and access the index.html file I must
signon first.  Any ideas what I am doing wrong ?  

My server directory structure is
htdocs
conf
java
webapps
logs
work

with the index in htdocs and the jsp in webapps/example

I tried adding the webapps/example as a directory and restricted it but
that did not help

# Configuration originally created by Create HTTP Server wizard on Thu
Feb 17 14:24:04 UTC 2005
LoadModule jk_module /QSYS.LIB/QHTTPSVR.LIB/QZTCJK.SRVPGM
Listen *:81
DocumentRoot /www/dan/htdocs
Options -ExecCGI -FollowSymLinks -SymLinksIfOwnerMatch -Includes
-IncludesNoExec -Indexes -MultiViews
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\"
\"%{User-Agent}i\"" combined
LogFormat "%{Cookie}n \"%r\" %t" cookie
LogFormat "%{User-agent}i" agent
LogFormat "%{Referer}i -> %U" referer
LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog logs/access_log combined
LogMaint logs/access_log 7 0
LogMaint logs/error_log 7 0
HotBackup Off
SetEnvIf "User-Agent" "Mozilla/2" nokeepalive
SetEnvIf "User-Agent" "JDK/1\.0" force-response-1.0
SetEnvIf "User-Agent" "Java/1\.0" force-response-1.0
SetEnvIf "User-Agent" "RealPlayer 4\.0" force-response-1.0
SetEnvIf "User-Agent" "MSIE 4\.0b2;" nokeepalive
SetEnvIf "User-Agent" "MSIE 4\.0b2;" force-response-1.0
JkWorkersFile /www/dan/conf/workers.properties
JkLogFile /www/dan/logs/jk.log
JkLogLevel Error
JkMount /example/* inprocess
JkMount /servlet/* inprocess
<Directory />
   Order Deny,Allow
   Deny From all
</Directory>
<Directory /www/dan/htdocs>
   Order Allow,Deny
   Require valid-user
   Allow From all
   UserID %%CLIENT%%
   PasswdFile %%SYSTEM%%
   AuthType Basic
   AuthName dan
</Directory>

-- 
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.



As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.