I am running JBoss 2.4.3, Tomcat 4.0, Apache 1.3.22. I am using module mod_auth_ldap for BASIC HTTP authentication. For specifying the protected resources, we have to protect the directory where those resources reside. e.g.
Options Indexes FollowSymLinks
allow from all
AuthName "RCS Staff only"
Base_DN "o=Fox Chase Cancer Center,c=US"
#Bind_DN "uid=admin,o=Fox Chase Cancer Center,c=US"
require user muquit foo bar "john doe"
#require roomnumber "123 Center Building"
#require filter "(&(telephonenumber=1234)(roomnumber=123))"
#require group cn=rcs,ou=Groups
JBoss requires us to put the resources in JAR/WAR/EAR files and put into deploy directory (because my understanding is that server.xml of catalina does not talk to JBoss (please let me know if I am wrong)).
How can I use BASIC HTTP auth in this scenario. Is there a workaround? Can I put my JSP/HTML/gif resources in a directory and protect them and make JBoss happy too!