Focal Point Banner

As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.

Join the TIBCO Community
TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.

  • From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
  • Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
  • Request access to the private WebFOCUS User Group (login required) to network with fellow members.

Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at for further assistance. Reference the community FAQ to learn more about the community.

Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     [CLOSED] Secure standard url

Read-Only Read-Only Topic
[CLOSED] Secure standard url
Gold member

I want to secure this urls :

http://hostname/ (Tomcat windows)
http://hostname/ibi_apps/ (webfocus windows)

is it possible to secure before user can be look the page ?


This message has been edited. Last edited by: JACQUETL,

Webfocus 8.201M.
InfoAssist +
Posts: 92 | Location: France | Registered: July 08, 2009Report This Post
posted Hide Post

If you want to secure pages using tomcat only, then that's not an easy thing to do.
Point is that Tomcat actually is not a full blown webserver, it is basically just an application server.
For security tomcat usually depends on other packages to implement username/password control.
There is some very basic username/password control built into tomcat, look at the tomcat-users.xml file (in the conf directory).

Easiest way to implement security is by letting IIS do the access control, when ok link through to tomcat for all application requests.
You'll need the jakarta plug-in for iis to get this done.
There is ample documentation on this issue available - the webfocus security administration manual is a very good source.


- Using AS 8.2.01 on Windows 10 - IE11.
in Focus since 1988
Posts: 1961 | Location: Netherlands | Registered: September 25, 2007Report This Post
To protect http://hostname/ rename $CATALINA_HOME/webapps/ROOT/index.jsp (restart tomcat)

Alternatively edit the Tomcat web.xml file and find the following block and delete the index.jsp entry


To protect http://hostname/ibi_apps/ rename homepage.jsp in the root ibi_apps folder (redeploy ibi_apps)
(if you've deployed the app instead of the folder you will need to re-jar it and then redeploy)
Report This Post
Platinum Member
posted Hide Post
Here is an article I wrote on using Tomcat security to protect resources using Active Directory:

The document also references Tech Memo 4606, which explains how to use secure WebFOCUS using the internal Tomcat security.

Doug Logan

WF 71.x, 76.x, 7701, 8.0 Beta OS: Linux, Win2k3, Win2k, Win2k8, WinXP

Posts: 203 | Registered: November 19, 2007Report This Post
  Powered by Social Strata  

Read-Only Read-Only Topic

Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     [CLOSED] Secure standard url

Copyright © 1996-2020 Information Builders