Re: Enabling CGI/Perl in Tomcat 5.5.9

2005-08-17 Thread Mark Thomas 

I haven't tested any of this, I am working entirely from memory and
the documentation.

I think you have a security problem.

As your system is configured a request for
http://foo.bar.com/3gflex/3gcgi/somedir/myscript.cgi
will look for the script at
/usr/prod/3gflex/somedir/myscript.cgi
but a request for
http://foo.bar.com/3gflex/somedir/myscript.cgi
will return the content of your script.

You have two options.
1. Move all your cgi scripts under the WEB-INF directory.
2. Use extension mapping (which is now supported) rather than path
mapping.

The easiest fix will depend on how your application is structured.
Extension mapping will look something like:
 
 cgi
 *.cgi
 

Mark

A Madhusudan-A5324C wrote:

Hi,

I am facing some problems with enabling CGI in Tomcat 5.5.9.

I followed the instructions given in the Manual, and renamed the
servlets-cgi.renametojar under jakarta-tomcat-5.5.9\server\lib\ to
servlets-cgi.jar.

Further I modified the web.xml files to uncomment the CGI enabling part.
Here they are


cgi
 
org.apache.catalina.servlets.CGIServlet


  debug
  6


  executable
  /usr/local/bin/perl


  cgiPathPrefix
  /

 5



cgi
/3gcgi/*


My context.xml file points to a directory outside the tomcat dir structure.
It is




WEB-INF/web.xml






The problem I am facing is that whatever perl scripts I have stored under
/usr/prob/3gflex/, does not execute. But any perl script under any directory
under /usr/prob/3gflex/ executes perfectly. The same if copied one level
above fails. The error thrown is given below..

java.lang.StringIndexOutOfBoundsException: String index out of range: -2
java.lang.String.substring(String.java:1480)
java.lang.String.substring(String.java:1447)

org.apache.catalina.servlets.CGIServlet$CGIEnvironment.findCGI(CGIServlet.ja
va:942)

org.apache.catalina.servlets.CGIServlet$CGIEnvironment.setCGIEnvironment(CGI
Servlet.java:1009)

org.apache.catalina.servlets.CGIServlet$CGIEnvironment.(CGIServlet.jav
a:787)
org.apache.catalina.servlets.CGIServlet.doGet(CGIServlet.java:591)
javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
javax.servlet.http.HttpServlet.service(HttpServlet.java:802)


Can anyone please hep me on this one..

Thanks
Madhusudan

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]








-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Enabling CGI/Perl in Tomcat 5.5.9

2005-08-17 Thread A Madhusudan-A5324C 
Hi,

I am facing some problems with enabling CGI in Tomcat 5.5.9.

I followed the instructions given in the Manual, and renamed the
servlets-cgi.renametojar under jakarta-tomcat-5.5.9\server\lib\ to
servlets-cgi.jar.

Further I modified the web.xml files to uncomment the CGI enabling part.
Here they are


cgi
 
org.apache.catalina.servlets.CGIServlet

  debug
  6


  executable
  /usr/local/bin/perl


  cgiPathPrefix
  /

 5



cgi
/3gcgi/*


My context.xml file points to a directory outside the tomcat dir structure.
It is




WEB-INF/web.xml






The problem I am facing is that whatever perl scripts I have stored under
/usr/prob/3gflex/, does not execute. But any perl script under any directory
under /usr/prob/3gflex/ executes perfectly. The same if copied one level
above fails. The error thrown is given below..

java.lang.StringIndexOutOfBoundsException: String index out of range: -2
java.lang.String.substring(String.java:1480)
java.lang.String.substring(String.java:1447)

org.apache.catalina.servlets.CGIServlet$CGIEnvironment.findCGI(CGIServlet.ja
va:942)

org.apache.catalina.servlets.CGIServlet$CGIEnvironment.setCGIEnvironment(CGI
Servlet.java:1009)

org.apache.catalina.servlets.CGIServlet$CGIEnvironment.(CGIServlet.jav
a:787)
org.apache.catalina.servlets.CGIServlet.doGet(CGIServlet.java:591)
javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
javax.servlet.http.HttpServlet.service(HttpServlet.java:802)


Can anyone please hep me on this one..

Thanks
Madhusudan

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]