 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Java Forum / General / January 2007Securing Tomcat
Hello, I've recently brought up an Apache Tomcat server for my network. I was curious how I can lock down directory viewing for apps ran on it. Currently i go to my app via http://domain.com/app/app.jsp If I go to the folder http://domain.com/app/ it lists the contents of the directory, and i don't want this to happen. How do I fix this Issue? Thanks > Hello, > [quoted text clipped - 7 lines] > > Thanks Simplest option - for your webapp, create an index.html file which does not do anything. This will be picked up and rendered, instead of the directory listing. Second option is via global web.xml. It is in $CATALINA_HOME/conf. Under default servlet section (<servlet-name>default</servlet-name>) you will see an init-param for directory listing, which is true by default. Turn it to false and you should be good to go after bouncing tomcat. <init-param> <param-name>listings</param-name> <param-value>false</param-value> </init-param> -cheers, Manish > Hello, > [quoted text clipped - 7 lines] > > Thanks Issue was this Under <servlet-name> we had 2 <init-param> for <param-name>listings the first one False, as should be, the second one was True. So the second one made it so you could list the directory. Remember to just change the line, and add a new one when editing the web.xml Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.