I strongly advise against doing this. Unless you know *exactly* what you are
doing it is far too easy to open a whole can of security worms, the most
regularly seen of which is source code disclosure of all of the JSPs on the
site.
Even if I have:-
JkMount /*.jsp my-worker
JkMount /*.do
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Philip,
Philip Wigg wrote:
| I strongly advise against doing this. Unless you know *exactly* what
you are
| doing it is far too easy to open a whole can of security worms, the most
| regularly seen of which is source code disclosure of all of the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Philip,
Philip Wigg wrote:
| are there any reasons why Apache and Tomcat cannot share the same web
| root folder, presuming that I exclude access to WEB-INF?
Nope, you should be good.
I would also restrict access to META-INF, and if you have any
Christopher Schultz wrote:
Philip,
Philip Wigg wrote:
| are there any reasons why Apache and Tomcat cannot share the same web
| root folder, presuming that I exclude access to WEB-INF?
Nope, you should be good.
I would also restrict access to META-INF, and if you have any files that
should