Change the listings parameter value in the %CATALINA_HOME%/conf/web.xml to
false. IE:
<servlet>
.
.
.
<init-param>
<param-name>listings</param-name>
<param-value>false</param-value>
</init-param>
</servlet>
This should turn off the file listings so that users should not be able to
navigate.
Robert S. Harper
Information Access Technology, Inc.
-----Original Message-----
From: Scott Purcell [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 31, 2005 9:24 AM
To: tomcat-user@jakarta.apache.org
Subject: Users Can See root files
Hello,
I was showing someone my website the other day, and when they started
playing with the URL, they could see the jsp files, html files, and files
under the WEB-INF directory.
Is created a <welcome-file-list> in the web.xml, but I guess if someone
plays with the url and tries to get a look at the files that does not help.
How does one shut down all access to anything from a url
Thanks
Scott
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
