DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=32696>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=32696 Summary: WEB-INF protection stops IIS Product: Tomcat 4 Version: 4.1.30 Platform: PC OS/Version: Windows NT Status: NEW Severity: critical Priority: P2 Component: Unknown AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] Hi, We are having a strange behavior with Jakarta filter loaded in NT4.0 Enterprise Edition with IIS 4.0. After reproducing the steps the IIS service stops: “telnet (server) 80 GET /WEB-INF./web.xml http/1.1” The output generated is: ################################################################################ ######## HTTP/1.1 403 Forbidden Server: Microsoft-IIS/4.0 Date: Thu, 09 Dec 2004 23:34:29 GMT <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD><TITLE >Access forbidden!!</TITLE></HEAD><BODY><H1>Access forbidden!</H1><DL><DD> You do n't have permission to access the requested object.It is either read-protected o r not readable by the server.</DL></DD></BODY></HTML> ################################################################################ ######## In the event viewer is displayed (sounds correct): ################################################################################ ######## Emerg: [jk_isapi_plugin.c (434)]: HttpFilterProc [/web-inf./web.xml] points to the web-inf or meta-inf directory. Somebody try to hack into the site!!! ################################################################################ ######## If Jakarta filter is not loaded there is no problem. We are using jakarta- tomcat-connectors jk 1.2.6 win32-IIS. Regards, Hugo Mendonça -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]