Mark
asked on
Need to view directory list in apache/tomcat
I've done this before, but have apparently forgotten what I did. I have apache 2.4.16 and Tomcat 8.0.23 on Linux Slackware 64 14.1, kernel 3.10.17.
My Apache DocumentRoot is /srv/httpd/htdocs. My Tomcat $CATALINA_HOME is /srv/tomcat. I have a folder: /srv/tomcat/webapps/ohprs/ downloads/ jones that I want only user "jones" to have access to. Jones is not a local user. In the jones folder I have a .htaccess file as follows:
AuthType Basic
AuthName "SLC"
AuthUserFile /etc/httpd/passwords
Require user jones
I've added jones to the /etc/httpd/passwords file.
in /etc/httpd/httpd.conf I have:
<Directory /srv/tomcat/webapps/ohprs/ downloads/ jones>
Options +Indexes
AllowOverride All
</Directory>
<Location /ohprs/downloads/jones>
AuthType Basic
AuthName "Restricted"
AuthUserFile /etc/httpd/passwords
Require valid-user
AuthBasicProvider file
</Location>
When I enter my URL, https://www.mydomain.com/ohprs/downloads/jones, I get the login dialog. I enter the login info which is accepted. However, I get a 404 status, "The requested resource is not available - Apache Tomcat 8.0.23".
The message in /var/log/httpd/access_log is:
na.out
What am I doing wrong?
My Apache DocumentRoot is /srv/httpd/htdocs. My Tomcat $CATALINA_HOME is /srv/tomcat. I have a folder: /srv/tomcat/webapps/ohprs/
AuthType Basic
AuthName "SLC"
AuthUserFile /etc/httpd/passwords
Require user jones
I've added jones to the /etc/httpd/passwords file.
in /etc/httpd/httpd.conf I have:
<Directory /srv/tomcat/webapps/ohprs/
Options +Indexes
AllowOverride All
</Directory>
<Location /ohprs/downloads/jones>
AuthType Basic
AuthName "Restricted"
AuthUserFile /etc/httpd/passwords
Require valid-user
AuthBasicProvider file
</Location>
When I enter my URL, https://www.mydomain.com/ohprs/downloads/jones, I get the login dialog. I enter the login info which is accepted. However, I get a 404 status, "The requested resource is not available - Apache Tomcat 8.0.23".
The message in /var/log/httpd/access_log is:
[30/Jul/2015:02:41:40 -0400] 76.181.65.196 TLSv1.2 ECDHE-RSA-AES256-SHA384 "GET /ohprs/downloads/jones HTTP/1.1" -
[30/Jul/2015:02:41:40 -0400] 76.181.65.196 TLSv1.2 ECDHE-RSA-AES256-SHA384 "GET /ohprs/downloads/jones/ HTTP/1.1" 1040
Nothing logged in $CATALINA_HOME/logs/cataliWhat am I doing wrong?
ASKER
rrz:
"If no welcome files are present, the default servlet either serves a directory listing (see default servlet configuration on how to customize) or returns a 404 status, depending on the value of the listings setting."
I suppose I need to look at the "default servlet configuration". Do you know where that would be? In the meantime, I'll research.
What does $CATALINA_HOME/logs/localhost_access _log.2015- 7-30.txt list as the path for that 404?
$ grep tanner localhost_access_log.2015-07-30.txt
76.181.65.196 - - [30/Jul/2015:02:41:02 -0400] "GET /ohprs/downloads/jones/ HTTP/1.1" 404 1040
76.181.65.196 - - [30/Jul/2015:02:41:40 -0400] "GET /ohprs/downloads/jones HTTP/1.1" 302 -
76.181.65.196 - - [30/Jul/2015:02:41:40 -0400] "GET /ohprs/downloads/jones/ HTTP/1.1" 404 1040
76.181.65.196 - - [30/Jul/2015:02:42:01 -0400] "GET /ohprs/downloads/jones/ HTTP/1.1" 404 1040
Also, wouldn't Tomcat be looking for the welcome file? What does the web.xml file for the ohprs web app list in the welcome file tag?
<!-- ==================== Default Welcome File List ===================== -->
<!-- When a request URI refers to a directory, the default servlet looks -->
<!-- for a "welcome file" within that directory and, if present, to the -->
<!-- corresponding resource URI for display. -->
<!-- If no welcome files are present, the default servlet either serves a -->
<!-- directory listing (see default servlet configuration on how to -->
<!-- customize) or returns a 404 status, depending on the value of the -->
<!-- listings setting. -->
<!-- -->
<!-- If you define welcome files in your own application's web.xml -->
<!-- deployment descriptor, that list *replaces* the list configured -->
<!-- here, so be sure to include any of the default values that you wish -->
<!-- to use within your application. -->
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
Your suggested .jsp would certainly work, but I'm really looking for a non-programmed solution. As I said, I did this once before, but I forget how. The "Default Welcome File" description in web.xml says, "If no welcome files are present, the default servlet either serves a directory listing (see default servlet configuration on how to customize) or returns a 404 status, depending on the value of the listings setting."
I suppose I need to look at the "default servlet configuration". Do you know where that would be? In the meantime, I'll research.
ASKER
more info ...
The web.xml says, "listings Should directory listings be produced if there is no welcome file in this directory? [false] WARNING: Listings for directories with many entries can be slow and may consume significant proportions of server resources."
The section defining this has:
The web.xml says, "listings Should directory listings be produced if there is no welcome file in this directory? [false] WARNING: Listings for directories with many entries can be slow and may consume significant proportions of server resources."
The section defining this has:
<servlet>
<servlet-name>default</servlet-name>
<servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>0</param-value>
</init-param>
<init-param>
<param-name>listings</param-name>
<param-value>false</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
So, I suppose I could simply set this to 'true', but I wonder if there is a way to restrict this to just my desired directory? How do Apache's <Directory> and <Location> directives work here? Are they ignored? I'll experiment.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I don't know the Apache Web Server very well. So, I can't comment on your solution. I was looking at this question for a Tomcat perspective. You should mark your comment as the solution.
ASKER
I settled on a non-Tomcat solution
$CATALINA_HOME/logs/localh
list as the path for that 404?
Also, wouldn't Tomcat be looking for the welcome file? What does the web.xml file for the ohprs web app list in the welcome file tag?
Anyway, I can suggest one possible solution.
Change the web.xml file of the ohprs web app to include something like the following.
Open in new window
Create a file called listFiles.jsp inside of ohprs/downloads/jones and use the following code as contents.Open in new window