How to block http access for selective URL's

zigzagdna · Sep 30, 2011

I have several web sites under same installation of Apache Tomcat,
e.g.,
http://mycomputer.com/web-admin
http://mycomputer.com/teamacces
https://mycomputer.com/teamacces

What I want to do is to disallow http access to 2nd URL, but allow
http access to 1st URL. Where I look at server.xml, I can block http
access for all web sites under mycomputer.com but that is not what I
want, I still have to allow http access to 1st URL.
Is there a way to do it, if yes, how?

RavinderSingh · Sep 30, 2011

Hi all,

I don't knw anything abt java programming bt i want to learn it....i m little confused hw to start and frm where to start....plzz sum1 plzzz refer me few best sites and few best books tht culd help me in learning java in much easier and best way.....

Jaap Droogers · Sep 30, 2011

I have several web sites under same installation of Apache Tomcat,
e.g.,
http://mycomputer.com/web-admin
http://mycomputer.com/teamacces
https://mycomputer.com/teamacces

What I want to do is to disallow http access to 2nd URL, but allow
http access to 1st URL. Where I look at server.xml, I can block http
access for all web sites under mycomputer.com but that is not what I
want, I still have to allow http access to 1st URL.
Is there a way to do it, if yes, how?

I use my Apache HTTP server for this kind of access. It is not the most
advanced configuration, but for me it works fine.

In proxy.conf (from the HTTP server) I enter the following statements:
ProxyPass /hudson http://localhost:8080/hudson
ProxyPassReverse /hudson http://localhost:8080/hudson

My network firewall only forwards http (80) and https (443) to my
server, Tomcat listens to 8080 so it is not posible to acces Tomcat
direct from the outside world.

Jaap.

Arved Sandstrom · Sep 30, 2011

I have several web sites under same installation of Apache Tomcat,
e.g.,
http://mycomputer.com/web-admin
http://mycomputer.com/teamacces
https://mycomputer.com/teamacces

What I want to do is to disallow http access to 2nd URL, but allow
http access to 1st URL. Where I look at server.xml, I can block http
access for all web sites under mycomputer.com but that is not what I
want, I still have to allow http access to 1st URL.
Is there a way to do it, if yes, how?

Simply force the use of SSL for context /teamacces. That is what
'user-data-constraint', and 'transport-guarantee' of CONFIDENTIAL, are
for, in web.xml. Use that in combination with a web-resource-collection
covering that entire web app (since it appears that you're really
requiring that all of web app 'web-admin' is HTTP, and all of web app
'teamacces' is HTTPS).

This is not Tomcat server.xml kind of stuff. This is Servlet API web.xml
kind of stuff.

AHS

Using Host For HTTP Request	2	Mar 3, 2013
Spring Boot Request Mapping: How to Handle Multiple Request Paths in a Controller	1	Oct 12, 2023
How to block http file transfer	2	Oct 3, 2012
How to position the tooltip comment on these buttons?	9	Nov 4, 2023
selective page access	2	Feb 3, 2005
Vercel/NextJS: How to access serverless functions from frontend during local development?	0	Jul 16, 2021
Use Regular Expressions to extract URL's	3	Apr 30, 2010
Apache Tomcat https link goes down but http works	1	Jul 28, 2010

How to block http access for selective URL's

zigzagdna

RavinderSingh

Jaap Droogers

Arved Sandstrom

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads