...
[13:57:52 CDT(-0500)] <serac> The behavior you're seeing indicates you can't do both.
[13:58:01 CDT(-0500)] <serac> I was thinking this was static content served by Apache.
[13:58:31 CDT(-0500)] <atilling> the /CFIDE folder contains the coldfusion server settings
[13:59:57 CDT(-0500)] <atilling> but the server settings themselves are a cfm page(s)
[14:00:15 CDT(-0500)] <serac> And you need them interpreted by Cold Fusion.
[14:00:59 CDT(-0500)] <serac> You may want to consider switching to mod_proxy_ajp, which I believe would support this use case.
[14:01:02 CDT(-0500)] <atilling> Coldfusion has password protection for the server admin but it's fairly weak and I wanted to put mod_auth_cas in front of that folder
[14:04:02 CDT(-0500)] <serac> You might post to users@tomcat.apache.org to find out whether it's possible to apply Apache security directives to URIs that are mapped to Tomcat. While it would be surprising if you can't, I can imagine that's the case.
[14:04:20 CDT(-0500)] <atilling> thanks
[14:05:45 CDT(-0500)] <serac> Let me know either way. I'm sure that knowledge would come in handy down the road sometime.
[14:06:14 CDT(-0500)] <atilling> will do