I strongly advise against doing this. Unless you know *exactly* what you are
doing it is far too easy to open a whole can of security worms, the most
regularly seen of which is source code disclosure of all of the JSPs on the
site.
Even if I have:-
JkMount /*.jsp my-worker
JkMount /*.do
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Philip,
Philip Wigg wrote:
| I strongly advise against doing this. Unless you know *exactly* what
you are
| doing it is far too easy to open a whole can of security worms, the most
| regularly seen of which is source code disclosure of all of the
Hi,
are there any reasons why Apache and Tomcat cannot share the same web
root folder, presuming that I exclude access to WEB-INF?
Thanks,
Phil.
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Philip,
Philip Wigg wrote:
| are there any reasons why Apache and Tomcat cannot share the same web
| root folder, presuming that I exclude access to WEB-INF?
Nope, you should be good.
I would also restrict access to META-INF, and if you have any
Christopher Schultz wrote:
Philip,
Philip Wigg wrote:
| are there any reasons why Apache and Tomcat cannot share the same web
| root folder, presuming that I exclude access to WEB-INF?
Nope, you should be good.
I would also restrict access to META-INF, and if you have any files that
should