Hi all,
I'm preparing for deploying Tomcat based web applications on a dedicated
server (finally!). I have experience with Tomcat webapps on my local
Windows machine, but am making myself familiar with a real-life
situation on a Ubuntu Linux server.
From what I've read, chrooting Tomcat seems a sensible security
measure, documented in detail in O'Reilly's "Tomcat: the Definitive
Guide" (<http://oreilly.com/catalog/tomcat/chapter/ch06.pdf>). Before I
start messing around, however, I would like to clarify some concepts.
If I
1. setup Tomcat for virtual hosts, serving webapps from another
directory than %TOMCAT_HOME%/webapps, say
/var/www/virtualhosts/[virtualhost]/
2. install Tomcat in its chroot jail at /home/chroot/tomcat
...will Tomcat be able to serve these webapps?
In other words: is it possible to have Tomcat serve web applications
that are physically located outside the chroot jail within which Tomcat
is running? I am considering this option because I would like to
configure the webapps under /var/www/virtualhosts/[virtualhost]/ for
chrooted SSH/SFTP access as well. If this is not possible, are there
perhaps other common guidelines for configuring virtual hosts for a
chrooted Tomcat?
I'm aware of and apologise for the basic level of these questions; any
hints would be really appreciated!
Ron Van den Branden
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
