Solved

using symlink as virtual directory in Tomcat, can I block directory browsing?

Posted on 2002-07-08
9
339 Views
Last Modified: 2013-12-06
I am using a symlink in Tomcat's ROOT directory to create a "virtual directory" without using Apache or another webserver.

So I do the following on Red Hat 7.2:

cd $TOMCAT_HOME/webapps/ROOT
ln -s /repository/assets assets

However, my problem is that a savvy user can enter the following in their browser:  http://myserver.com/assets

and view all the files in this directory.  Is their any way (chmod) with permissions to disable directory browsing?

The other thing I though we could do would be to change the ROOT application's web.xml to protect these symlink'ed directories.

Thanks,

Matt
0
Comment
Question by:mraible
9 Comments
 
LVL 40

Accepted Solution

by:
jlevie earned 100 total points
ID: 7139102
Anything that you were to do at the file system level to keep folks from browing a directory is going to keep the web server from accessing the directory. If you don't want users to see the contents of a directory you have to configure the web server to prevent that access. That's easy enough to do with an Apache server, and I'd guess that something similar should be possible with Tomcat.
0
 
LVL 1

Author Comment

by:mraible
ID: 7139155
that's the problem - I'm not using a webserver to create this virtual directory.  Just a symlink.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 7161149
It is entirely possible that I missed it in the Tomcat documentation, but I don't see any way to limit access to a directory unless Tomcat is running under a Web server. There are one or two things in the FAQ about limitations, but they all reference the use of Apache's config directives.
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 1

Author Comment

by:mraible
ID: 7161197
Apache does run a webserver as part of it's package - so it will server up *.html, *.gif, etc files.
0
 
LVL 1

Author Comment

by:mraible
ID: 7161198
Sorry, I mean Tomcat.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 7161290
Right, I realize that Tomcat can do a number of the things that Apache can do. What seems to be missing in Tomcat is the fine grained access control that Apache implements. There are two ways to use Tomcat. As a standalone server and running under Apache. The later method allows for limits to be placed on what clients can see and/or access and is the only way that I saw in the documentation to restrict access.
0
 

Expert Comment

by:CleanupPing
ID: 9088961
mraible:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 9105640
The answer is ther, though it probably wasn't what mraible wanted.
0
 
LVL 2

Expert Comment

by:TheWeakestLink
ID: 9485007
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:
Accept comments from jlevie as answer
Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

TheWeakestLink
EE Cleanup Volunteer
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
This article will explain how to establish a SSH connection to Ubuntu through the firewall and using a different port other then 22. I have set up a Ubuntu virtual machine in Virtualbox and I am running a Windows 7 workstation. From the Ubuntu vi…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question