Hello >That most probably means that the URL mappings for mod_jk are not correct, and that Apache httpd is serving that content directly. >Look at (or show here) the JkMount lines that should be somewhere in your Apache configuration.
Was attached in the post: JkMount /* loadbalancer So everything would be served by tomcat. >At a second level, it also means that you are doing something that is really not recommended : allow Apache httpd access to the Tomcat application directories. >That bypasses any security that you may have in Tomcat. >Your current problem is a perfect example : Apache now shows the source code of your JSP pages. Hopefully there is no secret password in there. >Test : (http://www.test.de/xyz)/WEB-INF/web.xml Yes you are right, I can read the web.xml from the browser. How we can avoid it? Greetings Alexander > > > > In the Apache access log: > > xxx.xxx.214.145 - - [08/Nov/2011:14:44:08 +0100] "GET / HTTP/1.1" 200 > 23281 ##OK > > xxx.xxx.214.145 - - [08/Nov/2011:14:44:11 +0100] "GET > /go/VV4QB69WO9F01A9KGBSYVGNVGHY6T95J HTTP/1.1" 200 88572 ##Not ok, > sorcecode displayed. > > > > In the virtual-host.conf: > > ## Tomcatanbindung > > JkMount /* loadbalancer > > JkOptions +ForwardURICompatUnparsed > > AllowEncodedSlashes On > > > > > > Greetings > > Alexander > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
smime.p7s
Description: S/MIME cryptographic signature
