Hi;
Ok - report is under way ... PS I 1st checked the Netbeans List to make sure i can't do anything about this from the Netbeans side. Its just emited from the IDE this way and there is no way to change those internals. Thx hb -----Ursprüngliche Nachricht----- Von: Rainer Jung [mailto:[EMAIL PROTECTED] Gesendet: Montag, 21. Januar 2008 13:19 An: Tomcat Users List Betreff: Re: AW: isapi_redirector & protected Diretories Holger Burde wrote: > Hi; > > Thanks for the reply. > > This type of matching breaks at least every JSF Netbeans (5.x/6.x) > App and maybe others. We have no choice now than patching the > isapi_redirector. Also i thought that Tomcat protects those dirs ? or > is this not the case if access is via ajp13 ? It is, even for ajp13. To document the problem please open an issue in bugzilla and give some information, why you can't simply avoid those directory names. > > hb Regards, Rainer > > -----Ursprüngliche Nachricht----- Von: Rainer Jung > [mailto:[EMAIL PROTECTED] Gesendet: Montag, 21. Januar 2008 > 11:47 An: Tomcat Users List Betreff: Re: isapi_redirector & protected > Diretories > > Hi Holger, > > Holger Burde wrote: >> Hi; >> >> I did a Netbeans 6 JSF Project recently which was developed and >> tested with Tomcat6. The final installation was set up with Tomcat >> 6.0.14 behind IIS6 (Connectors / isapi_rediretor (latest version)). >> >> >> Running some tests we discovered that allmost all Javascript was >> filtered out and we got almost blank pages. The Reason was that the >> isapi_redirector filters out every access to any URI which >> *contains* META-INF / WEB-INF ANYWERE in the PATH. >> >> Example : javascript $CONTEXT/theme/META-INF/json/json.jsf >> >> This is not THE META-INF config directory - its just a Path which >> accidential contains META-INF !!! >> >> Is there any way to configure access to such directories or ist his >> a Bug in the isapi_redirector ? From the source it looks like it a >> substring Match which filters out anything. Any Comments on this >> are welcome. > > No, there is no way to change this via configuration. A context path > can be multiple-directories, so since we don't know what's exactly > deployed in the backend, we need to secure all possible WEB-INF and > META-INF directories. > > Best would be to not use those names for normal content directories. > Not only because your isapi redirector problem, but also because > admins might misinterprete the directories. > > If the stuff in the directories is static and you deploy it on IIS > itself, you can use an exclusion mount for them. That way we don't > find a worker, and for requests that don't get send to the backend, > there is no such check. Be careful though, you don't want to expose > your real META-INF resp. WEB-INF. > >> Thanks in advance >> >> >> Hb >> >> Java developer > > Regards, > > Rainer --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
