[mod-security-users] Re: Re: .htaccess, AUTH, and file access
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] Re: Re: .htaccess, AUTH, and file access
|
From: Peter <pet...@co...> - 2006-02-02 14:17:33
|
On Thu, 02 Feb 2006 13:17:07 +0000, Ivan Ristic wrote: > Peter wrote: >> I received this back from my hosting provider: >> >> "Thank you for giving us that information. It appears that the >> investigation is complete. We have determined that you are having >> problems with password protection with your .xls files because you can >> not password protect the .xls file extension with an .htaccess file in >> our shared hosting environment, as it is processed by Tomcat." >> >> Any ideas to circumvent this? Thx > > Circumvent - no. Solve the problem - possibly. If you are in control of > your own web.xml you can configure another authentication layer in > Tomcat. > > Of course, the real question is why do they have such a confusing setup > in the first place. A major point of having Apache in front of > application servers is to use its facilities. It makes no sense to me to > forward requests to application servers before authentication phase > takes place. Thank you. It did not make sense to me, but I am a novice at this. Yes, I do have control over web.xml. Currently, only my error page is in it. <?xml version="1.0" ?> <web-app> <error-page> <error-code>404</error-code> <location>/errorpage.html</location> </error-page> </web-app> Not meaning to take up your time or that of others here, is there a URL where I can read up on Tomcat, learn about the commands I can embed in web.xml and where I can learn the differences between what I would put in web.xml vs. what I would use htaccess for? Looking forward to some heady weekend reading :) (Sarcasm intended!) |
