marmot 1333
Reputation: 79
Tomcat - using SSL on some directories but not on others
How can I configure tomcat7 & SSL to only require authentication on selected subfolders of my web site?
For example, I have a folder that I want to be publicly accessible: /nonSecure/
While I have another folder that requires authentication: /secureStuff/
What do I need to do? I have a feeling the answer lies in the conf/web.xml or the conf/server.xml files but so far have had no luck.
Upvotes: 0
Views: 39
Answers (1)
user207421
Reputation: 311047
You have to provide appropriate <security-constraint> entries in your web.xml, that specify <transport-guarantee>CONFIDENTIAL</transport-guarantee> for the URLs you want to secure with HTTPS.
Assuming you are using Container Managed Authentication. If you aren't, you should be.
Upvotes: 1
Related Questions
- What is wrong with the way I configured SSL in tomcat?
- force ssl in tomcat 7
- How to configure Tomcat7 with two SSL
- Multiple SSL config on Tomcat 8.5
- Configuring tomcat https for specific service
- Using both SSL and Non-SSL in Tomcat 6
- configure Tomcat to support SSL or https
- Configuring SSL with tomcat
- SSL in Tomcat 7
- Configuring HTTPS certificate usage based on url in Tomcat