Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
All,
On 12/1/2009 10:26 AM, André Warnier wrote:
groupalias v wrote:
httpd.conf
-------------
LoadModule jk_module modules/mod_jk.so
<IfModule jk_module>
What the h.. is this line for : ?
It's for conditional inclusion of Apache httpd directives when modules
may or may not be loaded.
No. I was talking about the "Alias" which follows. Hence the trailing
":" in my question. Ok, following the colon by a question mark wasn't
the clearest thing either...
The test I have in my httpd.conf is:
<IfModule mod_jk.c>
I can't find any references online to the use of jk_module in
<IfModule>, so the OP might want to change it.
Alias /test/ "/srv/tomcat6/webapps/A"
It kind of contradicts these next lines :
JKMount /test/ A
JkMount /test/* A
Because of the Alias line, I don't think that mod_jk even gets to see
your /test/ URLs.
No, mod_jk gets higher priority than mod_alias. I'm not entirely sure
how the pecking order is decided, but I do know that mod_jk gets first shot.
Yes, +1 about the "not sure". That is why I prefer, rather than JkMount,
the form with
<Location /test>
SetHandler jakarta-servlet
...
</Location>
At least in that case the precedences are clear, and I find that this
syntax fits better with "the Apache way of things", and is much more
flexible than JkMount/JkUnMount.
My general gripe about that Alias line, is that it generally gives
access for Apache, to the entire tomcat webapps directory, thus from the
start bypassing anything configured at Tomcat level in terms of
security. Then later, one has to "patch" this hole by a series of
conditional Deny rules, hoping not to forget one.
And in 99% of the cases, one does forget something, such as also
forbidding META-INF e.g.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
