Re: [pebble-user] Connecting apache andtomcat
Brought to you by:
oko,
simon_g_brown
From: <da...@da...> - 2009-01-15 01:04:00
|
Hello Olaf, what does Charlie Brown say?: ARRRRGGH! There were two pebble.properties (and I created them!). Thanks muchly. But you are not off the hook because I must implement HTTPS. Thanks again, David. Olaf Kock wrote .. > da...@da... schrieb: > > Hello Olaf, I am replying here but of course the content is directed at anybody > that is motivate to reply. I subscribed to the Tomcat ML with the following but > I got no reply: > > > > The TC website doco specifically references (in red font) the dangers of the > web server (HTTPD) gaining access to the WEB-INF directory. The reference goes > on to say this could happen if the HTTPD DocumentRoot and the TC appBase and docBase > overlap on the same file system. My question is: what constitutes an overlap? Currently > my DocumentRoot, appBase and docBase are defined as: > > > > DocumentRoot=/home/user/www > > appBase=/home/user/www/web > > docBase=/pebble > > The overlap happens, when you can (e.g.) request web.xml through apache > - this is a file that is usually not delivered to the end user and one > that shouldn't. Basically, all files that reside in WEB-INF should not > be visible through http unless the application specifically delivers > them (e.g. there might be jsp files below WEB-INF, but they will not be > visible to the client through other means than the application logic to > specifically forward to such a jsp. There is no way that an URL for > these pages can be constructed without the application willingly > redirecting to such a path. > > Try to construct a path with .../WEB-INF/web.xml and see for yourself. > It shouldn't work. > > It seems like you're very close. It might be that there are some > leftovers from previous configuration attempts - try to see if there is > more than one pebble installation and make sure that you have only one. > find / -name pebble.properties > would be the linux command line to search recursively for any file under > / named pebble.properties, preferable as root to be able to see all > directories. > > Cheers, > Olaf > > > > > The mod_proxy_ajp seems to be doing what is supposed to do: > > > > http://www.davidwbrown.name/pebble navigates to the right page. But, the links > for <Home> and <Welcome> use the following: http://www.davidwbrown.name/web/pebble > which returns the error condition: Service Temporarily Unavailable. > > > > I have the gut feeling I'm close but no cigar. > > > > If anybody has any suggestions please advise, David. > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by: > SourcForge Community > SourceForge wants to tell your story. > http://p.sf.net/sfu/sf-spreadtheword > _______________________________________________ > Pebble-user mailing list > Peb...@li... > https://lists.sourceforge.net/lists/listinfo/pebble-user |