Siguršur Bjarnason wrote:
First of all, Apache cannot handle JSPs and has no knowledge of Servlets. Second, if both Apache and Tomcat-via-connector access the same dir, won't there be a confusion? Third, yes, it is a security risk, since not only protection in Tomcat is bypassed, but Apache might display your JSP source.Hi allThe question is.. is there any security risk if I Have the Apache DocumentRoot pointing straight to the webapps folder ?!
Nix.
--
To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>