Java Forum

Ask Question   UnAnswered
Home » Forum » Java       RSS Feeds

Protecting Files and Directories with Tomcat

  Asked By: James    Date: Jun 16    Category: Java    Views: 753

How is it possible to protect a file and/or directory
in order not to allow visitors to the site view them
in their browsers?

For example, I have a site.properties file in my root
directory and I want a message to be displayed when a
user tries to view that file warning him/her that
he/she is trying to access a resource that he's not
allowed to do that.

Is it possible to gain such a behavior by modigying
Tomcat's configuration files?



4 Answers Found

Answer #1    Answered By: Viola Hanson     Answered On: Jun 16

I dont know, if tomcat  allow that or not,
but you can easily do this by integrating Tomcat with
either Apache or IIS. You can configure IIS by
disabling directory listing. So user could only view
the the HTML files  by using their names and will not
be able to view  directory contents.

Also you can disable guest user access  to that
particular directory.

Answer #2    Answered By: Arthur Cole     Answered On: Jun 16

use one of the following patterns:
1) front controller
2) filter chain
both works very well, you can use any other kind of
controller to be able to responde to any url pattern.

Answer #3    Answered By: Jim Williamson     Answered On: Jun 16

I have found some articles about Filters and their
work, but I don't know what a Front Controller is. Can
you explain a little bit about Fron Controllers,

Answer #4    Answered By: Sherri Parker     Answered On: Jun 16

when you deploy a j2ee application one of the proper
patterns you can use for design is MVC (Model, View,
Controller) refer to design pattern by gang of 4 for
more details on this, j2ee has a strong support for
MVC in type 3 j2ee applications MVC will be
implemented like this:
Model : EJB (session and entity)
View: JSB (&some times with taglib and servlet)
Controller: Servlet

in short Controllers take care of the connection
between model and view, one of the patterns for
controller is front controller in which all http
request are given into one servlet (usually with
multiple instances) and this servlet takes care of
authorization, authenticaion and dispatchin of all
events in the system by use of other helper classes
which are usually a log manager, application resource
manager and a dispatcher.

to see more details and variations of these patterns
download and install TogetherJ and apply j2ee front
controller pattern and see the varations of pattern in

Didn't find what you were looking for? Find more on Protecting Files and Directories with Tomcat Or get search suggestion and latest updates.