Changeset 26517 for main/trunk/greenstone3/web/WEB-INF/web.xml
- Timestamp:
- 2012-11-23T20:19:42+13:00 (11 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone3/web/WEB-INF/web.xml
r26514 r26517 409 409 </mime-mapping> 410 410 411 <!-- Deny access to contents of URL pattern /usersDB/* 412 It appears the url pattern has to be relative to the web directory (a url-pattern of /usersDB/* is insufficient), so this may need to be done for all sites. 413 http://stackoverflow.com/questions/5333266/tomcat-deny-access-to-specific-files 414 and http://www.coderanch.com/t/84442/Tomcat/write-correct-url-pattern-security --> 415 <security-constraint> 416 <web-resource-collection> 417 <web-resource-name>usersDB files</web-resource-name> 418 <description>No direct access to usersDB files.</description> 419 <url-pattern>/sites/localsite/etc/usersDB/*</url-pattern> 420 <!--<url-pattern>/usersDB/*</url-pattern>--> 421 <http-method>POST</http-method> 422 <http-method>GET</http-method> 423 </web-resource-collection> 424 <auth-constraint> 425 <description>No direct browser access to usersDB files.</description> 426 <role-name>NobodyHasThisRole</role-name> 427 </auth-constraint> 428 </security-constraint> 429 411 430 </web-app>
Note:
See TracChangeset
for help on using the changeset viewer.