Andreas Schneider wrote:
> Michael Clark schrieb:
>> Andreas Schneider wrote:
>>
>>> [Wed Mar 19 14:57:27 2008] [error] [client 127.0.0.1] client denied by
>>> server configuration:
>>> E:/server/apache-tomcat-6.0/temp/0-sw-builder/ci.css,
>>> referer: http://localhost/sw-builder/login.jsp
>>>
>>>
>>
>> You have denies for the subdirectories of the expanded war but you don't
>> have an associated allow on that directory.
>>
>>
>>> <Directory "E:/server/apache-tomcat-6.0/temp/0-sw-builder">
>>> Options Indexes FollowSymLinks
>>> DirectoryIndex index.html index.htm index.jsp
>>>
>>
>> Try adding:
>>
>> AllowOverride None
>> allow from all
>>
>>
>
> Yes, that's working. My problem is, that this conf file is auto
> generated (%CATALINA_HOME%/conf/auto/mod_jk.conf). Should I add this
> to the http.conf? Is that a security problem to do this?
Yes, sounds reasonable. There shouldn't be a security issue.
Assuming tomcat only extracts web apps into its temp dir - and nothing
else can be accessed there unless it is explicitly mapped by a clause in
the generated conf file, then you might like to add a clause in your
httpd.conf for the parent of the extracted webapp dir (then all will
work when other webapps are deployed or if the auto-generated
subdirectory names changes). e.g.
<Directory "E:/server/apache-tomcat-6.0/temp/">
AllowOverride None
allow from all
</Directory>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|