|
403 Forbidden error
Hi,
I'm trying to create a virtual host to access files in my Tomcat webapps folder in Litespeed 3.1.1. So far I have made a script handler for jsp files (although there are no jsp files involved) and I have made the following context: Java Web App URI: / Location: $VH_ROOT/ Servlet Engine: [Server Level]: Tomcat AJP, which is essentially a servlet engine on address localhost:8009 Everything works fine when I access it directly on Tomcat. When I go to the virtual host I can access images, directories with sound files, html and js files. The only thing I can't access is a folder defined in the web.xml file in the WEB-INF folder. When I try to access it I get a 403 Forbidden error. I can however access it directly on Tomcat. I have already tried many different configurations and none of them are working. I don't really know how to pinpoint the error, is it Tomcat, AJP, Litespeed config or the servlet. Hope you can help me out. Thanks. Kind regards, Nick |
Access to WEB-INF directory is blocked internally by LSWS for security reason. I think it is less desirable to expose the configuration file and other servlet class objects.
For anything need to be accessed directly via HTTP should be stored out side of that directory. I strongly suggest that, even when you are not using LiteSpeed. ;) |
Thanks for the reply. It is an application that is not written by me, so it would be hard(er) to change it. I will provide some more details, so a solution is possible.
In the WEB-INF folder there is a file called web.xml with the following content: <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app> <!-- General description of your web application --> <display-name>An HTTP Binding Gateway to Jabber</display-name> <description> An implementation of JEP-0124 (HTTP-Binding). See http://www.jabber.org/jeps/jep-0124.html for details. </description> <context-param> <param-name>author</param-name> <param-value>xxx</param-value> <description> The EMAIL address of the author to whom questions and comments about this application should be addressed. </description> </context-param> <servlet> <servlet-name>Jabber HTTP Binding Servlet</servlet-name> <servlet-class>org.jabber.JabberHTTPBind.JHBServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>Jabber HTTP Binding Servlet</servlet-name> <url-pattern>/JHB/</url-pattern> </servlet-mapping> <session-config> <session-timeout>30</session-timeout> <!-- 30 minutes --> </session-config> </web-app> This makes sure that when Tomcat is started, I can access a bunch of class files that are in WEB-INF/classes as http://localhost:8080/chat/JHB/ . Is it possible to access these files by using a proxy, ... or can I circumvent the security in LSWS or can I put these files elsewhere? Any help is very welcome. Thanks. Kind regards, Nick |
I think you should use URI: /chat/ when you create the Java Web App context.
You can have LiteSpeed proxy to backend tomcat as well. |
Depending on configuration, I could not tell you which though, I am getting 403 and 400 alternatingly. Tried with different encodings, without the Bom etc, going via fiel. I did get it to work once, reading the example from the link above from and sending that. But it does not anyone.
|
same issue with princecox...have you found the answer now?
|
just use plain proxy to talk to backend servlet engine.
|
| All times are GMT -7. The time now is 10:39 AM. |