Hi John, Boocock, John (CSS) schrieb: > If I go to www.domain.com/context/index.jsp I get a page as expected > > If I go to www.domain.com//context/index.jsp I get the source code, also > this isn't just on one context or the index.jsp file, we run quite a few > contexts and it consistently displays source code if you put double (or > more) slashes in the URL before the context. > > Alias "/context/" "/www/content/www.domain.com/webapps/context/" > JkMount "/context/*.jsp" lb-332 > JkMount "/context/servlet/*" lb-332
1. The above Alias in the Apache conf points to the Tomcat webapps directory. That means, Apache can access the files of the tomcat web application. 2. "//context/" does not match the above JkMount patterns which start with "/context/". That means, Apache does not forward a request like "www.domain.com//context/index.jsp" to Tomcat. The result from both is that Apache processes requests like "www.domain.com//context/index.jsp" itself. If it can find and access the requested file, Apache will serve it. Due to the fact, that your Apache has no module installed to process jsp files, it just serves the jsp files plain-text. That's the solution from my point of view. I would recommend not to point to any sub directory of $CATALINA_HOME with a DocumentRoot or Alias in Apache's conf to avoid such security breaches. Best wishes Lutz --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
