Apache/Tomcat Access denied????

hello.
I am trying3 to run. Apache 1.3.26 and tomcat 4.0 together on Windows 2000 Pro and have had no luck. I configured the httpd.conf file with these statements and the corresponding files are in the correct directories
<statements>
# Load mod_jk
LoadModule jk_module libexec/mod_jk.dll
# Configure mod_jk
JkWorkersFile c:/apache-tomcat-4.0/conf/jk/workers.properties
JkLogFile c:/apache-tomcat-4.0/logs/mod_jk.log
JkLogLevel info
Include c:\apache-tomcat-4.0\conf\auto\mod_jk.conf
</statements>
now when I start up Apache.(I use a console to start it.) It tells me that Apache 1.3.26 and mod_jk1.1.0 are both running. But.... if I go to the url http://localhost/examples/jsp. I get a page not found error. Same for the http://localhost:8080(page not found). So I went to the services manager, and I tried to run the service from there and it gave me an access denied prompt. I tried the startup.bat and that didn't work either. Plus I did a reboot and did the steps in reverse order, no luck there eithr.
Anyone ever had this problem , anyone know what it is. Any help would be appreciated.
Brian

Okay I have woked it down that I need to tag some properties or conf file but I need to know which file. I saw somthing about using <ApacheConfig path="<MOD_JK_Home>"> but where would I set this tag.
Brian

Similar Messages

Server.xml in tomcat access denied

hello,
I am using tomcat 5.5.9 with suse (linux), and I am using jdk 1.6.0
The CATALINA_HOME, JAVA_HOME are defined,
When I try to startup the tomcat as root user every thing is ok, it
start (with port 8080)
I have create a new user with permissions to logs and work
directories, and try to startup the tomcat from command
like that su - tomcatuser -c /user/tomcathome/bin/startup.sh
every thing is ok
but wenn I try to start it from eclipse I get this message:
In Catalina.out
Jul 12, 2006 6:03:26 PM org.apache.catalina.startup.Catalina load
WARNING: Can't load server.xml
Jul 12, 2006 6:03:26 PM org.apache.catalina.startup.Catalina load
WARNING: Can't load server.xml
Jul 12, 2006 6:03:26 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 0 ms
java.lang.reflect.InvocationTargetException
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
a:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
Impl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at
org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:271)
        at
org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:409)
Caused by: java.lang.NullPointerException
        at org.apache.catalina.startup.Catalina.await(Catalina.java:600)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:560) Can any one help,
Thanks

Click Start, click Run, type cmd in the
Open box, and then click OK.
Switch to the <var>Drive</var>:\WINDOWS\Microsoft.NET\Framework\v2.0.50727 folder. In this folder, <var>Drive</var> is the drive where Windows is installed. To do this, type the following line at the command prompt, and then press Enter:
cd <var>Drive</var>:\WINDOWS\Microsoft.NET\Framework\v2.0.50727
Add the appropriate permissions to the Network Service group for the Temporary ASP.NET Files folder. To do this, type the following line, and then press Enter:
aspnet_regiis -ir
cd <var>Drive</var>:\WINDOWS\Microsoft.NET\Framework\v4
Add the appropriate permissions to the Network Service group for the Temporary ASP.NET Files folder. To do this, type the following line, and then press Enter:
aspnet_regiis -ir
http://social.technet.microsoft.com/Forums/sharepoint/en-US/bf6bb272-eb75-4435-8264-6980e9e7268f/sharepoint-server-2010-access-denied-error?forum=sharepointadminprevious
Is this a claims based web application? If yes, the super reader and super user need to be added with the in the format "i:0#.w|domain\username". Also, add them with full read and full control on the web application as well.
Check AAM settings
Can you check that your databases are not set to read only. I had a similar issue after backing up the farm users were not allowed to do anything on the site. Turned out the database was set to read only in SQL.
If this helped you resolve your issue, please mark it Answered

Apache+Tomcat access to static apache data from Tomcat

Hi,
Apache is in path /opt/apache
and tomcat is on /opt/apache/tomcat
I have to access to static data (/opt/apache/data) that is handled by my apache http server from my tomcat web application. Is there a way to do this in a clean way without doing things like this :
getServletCoontext().getRealPath(xxx) and doing some ../data manipulations
Thanks

I'm not completely sure I fully understand your problem.
I do not recommend opening sockets to your own WLS instance. That is a
recipe for deadlock.
Can you just include the static file in your response?
-- Rob
Yol. wrote:
We have a WebApplication which is running on a WebLogic Server 6.1.
The clients access to the application via an Apache hosted in another machine.
The Apache server redirects the requests to the server except the static files
which are served by the Apache Server.
Nevertheless, we have a few static resources that are not requested by the external
clients but are requested by the application in the WLS. The problem is that to
make this, it access the resource via the WLS, that is, via an url. That makes
the WLS open at least one socket. This cause that after a few time, there are
too many sockets in the machine opened in TIME-WAIT state.
For some reasons it is not possible to change the configuration of the sockets
in the server hosting the WLS.
We would like to access to this resources that are in the war of the WebApllication
without opening a socket.
Is it possible? Any ideas or suggestions?
Many many thanks in advance,
Yol.

Apache reports "access denied/HTTP 1.1"

When browsing a certain website, I often get the message
"access denied/HTTP 1.1" from the Apache Webserver. Sometimes the error message starts with this output, and the whole page fills with all kind of strange and unreadable special characters.
This happens only on one website and just with Safari, but regularly. When I use Firefox, it works perfectly.
I know the pages uses some heavy include() in their PHP scripts, which probably sometimes take too much data for Safari handling it?
Any idea?

Okay I have woked it down that I need to tag some properties or conf file but I need to know which file. I saw somthing about using <ApacheConfig path="<MOD_JK_Home>"> but where would I set this tag.
Brian

Perl and apache giving access denied message locally...

I have a simple perl script that is sitting in my "sites" directory, and have turned on all the changes in the apache httpd.conf file.
when I use http://localhost~username i get the default web page, but when I add the firct.cgi to the end, I get the following error...
Forbidden
You don't have permission to access /~kentjason/first.cgi on this server.
why is this happening. I should be able to see anything in that directory, right?
thanks alot,
jason

That was it! ok so what did that do? I thought the x
property was for actual executables like safari
etc...
You need the executable bit set in any UNIX variant for a file that is executed directly. It could be a script or an actual executable binary. For example, if you tried to execute the file from the command line directly it would have given an error.ls -l test.pl
-rw-r--r-- 1 joe staff 226 Jan 15 2003 test.plNote that the execute bit is not set. Now try to execute it from the command line like so:./test.pl
-bash: ./test.pl: Permission deniedBut, you could execute it by calling perl directly and using the script as an argument.which perl
/usr/bin/perlNote that perl's execute bit is set:ls -l /usr/bin/perl
-rwxr-xr-x 1 root wheel 19280 Mar 20 2005 /usr/bin/perlSo, without changing the permissions on the script itself, it would run if you did it this way:perl test.plThe web server always tries to run CGI scripts directly, so in that case the execute bit must be set. For scripts that use interpreters like bash or perl, the "sh-bang" line (ie, #!/usr/bin/perl on line 1) tells the OS which interpreter to use when you execute it directly. You could leave that out, but then you'd need to run the script as an argument to the interpreter as mentioned above. Does that all make sense?
Anyway, I'm glad you have it working and hope I didn't over complicate things with this explanation

Apache Error Log mod_security: Access denied with code 400

Hi
I am seeing the Access denied with code 400 errors in the apache log's after applying CPU Patch updates below into a Dev/TEST environment
RDBMS Patches: 9032412 & 9352191 & post steps below:
@?/rdbms/admin/dbmsaqds.plb
@?/rdbms/admin/prvtaqds.plb
@?/rdbms/admin/prvtaqiu.plb
Java Fix > [ID 1082747.1]
E-Business Suite Patches & post steps below:
9323613 & 9506302
Compiled Forms PLL files using adadmin to solve the known problem below
ORA-04062: signature of package "APPS.FND_HELP" has been changed
ORA-04062: KEY-HELP trigger raised unhandled exception ORA-04062.
the error can be replicated by following the steps below:
Log in to Oracle Apps E-Business Suite (11.5.10.2) select Report Management Information Responsibility and then transaction reports. (Opens Oracle Discoverer 4i Viewer) > select either Period to date or Year to date and then select any department & and any period (date) and then apply parameters:
Error message in browser
This error (HTTP 400 Bad Request) means that Internet Explorer was able to connect to the web server, but the webpage could not be found because of a problem with the address.
For more information about HTTP errors, see Help.
Apache log shows:
error_log shows the following:
[Fri Jul 8 10:52:08 2011] [error] [client 10.180.225.5] mod_security: Access denied with code 400. Pattern match "!^([-_@|#!=A-Za-z0-9/ :.$/(/)]){0,255}([-_@|#!=A-Za-z0-9/ :.$]){0,255}$" at ARGS_NAMES. [hostname "loadbalancer.webdomain"] [uri "/discoverer4i/viewer"] [unique_id ThbTSAq0BRQAABrfK7M]
access_log shows the following:
IP ADDRESS - - [08/Jul/2011:10:51:39 +0100] "GET /disco4iv/html/images/shadow_bottom02_leading_ltr.gif HTTP/1.1" 200 861 0
IP ADDRESS - - [08/Jul/2011:10:51:39 +0100] "GET /disco4iv/html/images/seperator.gif HTTP/1.1" 200 42 0
IP ADDRESS - - [08/Jul/2011:10:51:39 +0100] "GET /disco4iv/html/images/arch_blue_bottom_ltr.gif HTTP/1.1" 200 984 0
10.180.225.5 - - [08/Jul/2011:10:51:39 +0100] "GET /disco4iv/html/images/white.gif HTTP/1.1" 200 37 0
IP ADDRESS - - [08/Jul/2011:10:51:39 +0100] "GET /disco4iv/html/images/bar_blue_leading_edge_middle_ltr.gif HTTP/1.1" 200 111 0
IP ADDRESS - - [08/Jul/2011:10:51:39 +0100] "GET /disco4iv/html/images/bar_blue_trailing_edge_middle_ltr.gif HTTP/1.1" 200 129 0
IP ADDRESS - - [08/Jul/2011:10:51:39 +0100] "GET /disco4iv/html/images/shadow_bottom_leading_edge_ltr.gif HTTP/1.1" 200 862 0
IP ADDRESS - - [08/Jul/2011:10:51:39 +0100] "GET /disco4iv/html/images/btopshadow.gif HTTP/1.1" 200 44 0
IP ADDRESS- - [08/Jul/2011:10:51:39 +0100] "GET /disco4iv/html/images/bshadow.gif HTTP/1.1" 200 59 0
IP ADDRESS - - [08/Jul/2011:10:52:08 +0100] "POST /discoverer4i/viewer HTTP/1.1" 400 227 0
I have tried to follow a number of metalink notes but unable to resolve this issue, metalink notes looked at are:
976473.1
389558.1
1313128.1 Patch 10324904 applied
394587.1
389558.1 Patch 5107107 applied
1143882.1
376992.1 Patch 3950067 applied
Any ideas or suggestions most welcome
Thank you
Regards
Arfan
Edited by: user1717313 on 08-Jul-2011 04:59

Hi JD
I have tried the steps i.e stop apps tier, run adconfig on apps tiers and then started services on apps tiers and can replicate the error
thanks
Arfan
Hi Helios
I checked note 1080465.1 Patch 9506302 has been applied & Recompile all Forms PLL files using adadmin.
I ran the sql feom the note, output below
SQL> select text from dba_source where name='FND_HELP' and line <3;
TEXT
package Fnd_Help AUTHID CURRENT_USER as
/* $Header: AFMLHLPS.pls 115.22 2009/10/12 12:56:58 nchiring ship $ */
package body FND_HELP as
/* $Header: AFMLHLPB.pls 115.115 2010/03/19 06:45:24 nchiring ship $ */
Thanks
Arfan
Edited by: user1717313 on 08-Jul-2011 05:04

Exception when access JSF application deployed on apache tomcat

Hi,
hopefully u all will b fine.
I am new in Java Web developement and working on JSF... I made my first hello application of JSF... but when i try to access that from browser, following exception is shown in the browser window... (I am using apache tomcat 5.5.17 and JSF 1.1)
HTTP Status 500 �
type Exception report
message description: The server encountered an internal error () that prevented it from fulfilling this request.
exception :
org.apache.jasper.JasperException: Servlet.init() for servlet Faces Servlet threw exception
     org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:510)
     org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:375)
     org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
     org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
root cause :
javax.servlet.ServletException: Servlet.init() for servlet Faces Servlet threw exception
     org.apache.jasper.runtime.PageContextImpl.doForward(PageContextImpl.java:703)
     org.apache.jasper.runtime.PageContextImpl.forward(PageContextImpl.java:670)
     org.apache.jsp.index_jsp._jspService(index_jsp.java:47)
     org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
     org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:332)
     org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
     org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
root cause:
java.lang.NullPointerException
     javax.faces.webapp.FacesServlet.init(FacesServlet.java:144)
     org.apache.jasper.runtime.PageContextImpl.doForward(PageContextImpl.java:703)
     org.apache.jasper.runtime.PageContextImpl.forward(PageContextImpl.java:670)
     org.apache.jsp.index_jsp._jspService(index_jsp.java:47)
     org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
     org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:332)
     org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
     org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
note: The full stack trace of the root cause is available in the Apache Tomcat/5.5.17 logs.
Apache Tomcat/5.5.17
I placed the jsp files in "apache-tomcat-5.5.17\webapps\MyProject\"
and web.xml and faces-config file at "apache-tomcat-5.5.17\webapps\MyProject\WEB-INF\"
library files of JSF ("jsf-api.jar", "jsf-impl.jar" and "jstl.jar") at "apache-tomcat-5.5.17\common\lib" also i tried by placing these at "apache-tomcat-5.5.17\webapps\MyProject\WEB-INF\lib"
Please help me out here...
Thanks
Imran

Maybe your web.xml is wrong. Doublecheck it.

Problem accessing exception object in jsp error page - Apache Tomcat 5.0.25

Hi all,
I'm thoroughly confused and need some help. I've deployed a very simple web application in Apache Tomcat 5.0.25 to test exception handling - errortest.jsp and error.jsp. errortest.jsp throws a divide by zero exception if executed with default values in text fields.
When I put the directive IsErrorPage="true" in error.jsp i get a HTTP 500 error when error.jsp is accessed. If I remove it error.jsp is displayed but I cant access the exception object - if I try to I get an exception below:
org.apache.jasper.JasperException: Unable to compile class for JSP
An error occurred at line: 5 in the jsp file: /error.jsp
Generated servlet error:
[javac] Compiling 1 source file
E:\Apache Software Foundation\Tomcat 5.0\work\Catalina\localhost\mywebapp\org\apache\jsp\error_jsp.java:46: cannot resolve symbol
symbol : variable exception
location: class org.apache.jsp.error_jsp
out.print(exception.getMessage());
^
1 error
Below is the code for the two jsp pages:
errortest.jsp:
<%@ page errorPage="error.jsp" %>
<html>
<head><title>Error test</title></head>
<body>
     <form action="errortest.jsp" method="post">
     Enter first number:<input type="text" name="first" value="5"/><br>
     Enter second number:<input type="text" name="second" value="0"/><br>
     <input type="submit"/>
     </form>
     <%
     if (request.getMethod().equals("POST")) {
          int first = Integer.parseInt( request.getParameter( "first" ) );
          int second = Integer.parseInt( request.getParameter( "second" ) );
          int answer = first/second;
     %>
</body>
</html>
NB: I am able to catch and display the exception if I use a try/catch block around the division as shown below.
try {
int answer = first/second;
} catch( Exception e) {
e.printStackTrace( new PrintWriter(out) );
error.jsp (first draft)
NB: HTTP 500 error occurs when directive "isErrorPage" is added:
<%@ page isErrorPage="true" %>
<html>
<head><title>Error Page</title></head>
<body>
</body>
</html>
error.jsp (second draft)
NB: directive is removed but exception thrown when implicit exception object is accessed. error.jsp displays if exception object is not accessed:
<%@ page %>
<html>
<head><title>Error Page</title></head>
<body>
<%=exception.getMessage()%>
</body>
</html>
Web server specs:
Apache Tomcat 5.0.25
Machine specs:
Windows XP Pro
Java environments:
j2sdk1.4.2_03
J2EE 1.4

This works for me:
throwError.jsp
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<%@ page language="java" errorPage="/error.jsp"
contentType="text/html; charset=utf-8" %>
<html>
<head>
     <title>Throw Exception</title>
</head>
<body>
Throwing exception....
<%
// throw ArithmeticException
int badInt = 12/0;
%>
</body>
</html>
error.jsp
<%@ page language="java" isErrorPage="true" %>
<head><title>Doh!</title></head>
An Error has occurred in this application.
<% if (exception != null) { %>
<pre><% exception.printStackTrace(new java.io.PrintWriter(out)); %></pre>
<% } else { %>
Please check your log files for further information.
<% } %>

"access denied" message on tomcat

i have downloaded jakarta tomcat, set classpaths etc,
set JAVA_HOME environment and CATALLINA_HOME environment.
Catalina connects, but the J2sdk1.4.1_01 reads back in MSDOS
"access denied".
I have a personal firewall "Zone Alarm" and do not think it is
preventing the server from running because i usually get an alert.
Please advise if there is a work around.
thanks in advance

Ok. If anyone is interested, do not attempt to set the
CATALINA_HOME environment since it appears to default to the
root directory "." or searches ".." in windows 98. Attempting
to do it manually by for example, setting the catalina home
environment in autoexec.bat, will result in you getting
a bad file command and an "access denied" error message when
trying to connect to the jdk.

Trouble to access one website (HTTP Status 500) and to find Apache Tomcat/6.0.20 logs

Hi to you all!
It is impossible for me to access one website only for a couple of days, the Yell.com UK phone directory. I asked them to help me with this trouble, but one of the technicians answered «I have had no problems in accessing Yell.com online here and neither have my colleagues. There may have been a temporary bug with the system, but all is fine now. If you are still experiencing problems, I would suggest that it is an issue with your system.»
It does not help because the trouble persists, whatever the solution I tried to find (clearing history and cache, bookmarking anew, changing slightly the URL). When trying to access to their website, it says:
«HTTP Status 500 -
«type Exception report
«message
«description The server encountered an internal error () that prevented it from fulfilling this request.
«exception
«… (Here are 13 lines about javax.servlet, com.yell.ucs.responder, org.apache.struts.action and 50 lines under achapter titled “root cause”) — then:
«note The full stack trace of the root cause is available in the Apache Tomcat/6.0.20 logs.
«Apache Tomcat/6.0.20»
QUESTIONS —
1. I have access without any problem to Yell.com with the Safari (after having selected “Safari browser”), but there is no result with Firefox with the Safari browser! How is this possible?
2. I don't understand anything about what the “Apache Tomcat/6.0.20” - Error report means…
3. What and where can I find the “Apache Tomcat/6.0.20 logs” on a Mac OS X 10.4 and how can this be solved?
Many thanks forward for your help (please use ordinary words, I don't understand anything about computer and Web things).
Cordially
== URL of affected sites ==
http://www.yell.com/

Now, some goblin somewhere put things right and this Yell.com works again, ''without doing anything''… Hope it'll keep on going like this!

Applet access denied with Tomcat 4.1.29 -- Plz Help

I searched for answers in the forum and used the jarsigner to certify an applet that uses Oracle thin driver. Modified the catalina.policy to:
grant {
permission java.security.AllPermission;
permission java.net.SocketPermission "127.0.0.1:1024-", "accept, connect, listen, resolve";
}; I am still seeing this error:
access denied (java.net.SocketPermission 127.0.0.1:1521 connect, resolve)PLEASE HELP
Murthy

Thanks for the clarification! I created a java.policy file on the client. I'm now seeing null pointer for the connection variable. BTW, on the client I saved the java.policy at $HOME and the policy tool says it can't find it!!!

Apache Tomcat/4.0.4 - HTTP Status 500 - Internal Server Error - I get this when I try to enter a record into one of our Access databases, what do I need to do to fix it, I don't know what it means

Apache Tomcat/4.0.4 - HTTP Status 500 - Internal Server Error - I don't know what this means or how to fix it, I get it when I try to enter a ticket into one of our custom data bases in Access

Apache Tomcat/4.0.4 - HTTP Status 500 - Internal Server Error - I don't know what this means or how to fix it, I get it when I try to enter a ticket into one of our custom data bases in Access

Streaming CSV via Apache/ Tomcat with Mod Proxy

I have Apache hooked up to Tomcat using mod_proxy and attempts to stream a CSV file from a Struts action via tomcat fails.
Using the tomcat port localhost:8080/testappp the streaming works fine but for some reason it does not work via the apache url
Build is Red Hat Enterprise Linux AS release 4 on Apache 2.0.52-25 and Tomcat 5.5
Below are pastes of the apache conf file and tomcat server.xml
Thanks
# httpd.conf
# Based upon the NCSA server configuration files originally by Rob McCool.
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs-2.0/> for detailed information about
# the directives.
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the 'global environment').
# 2. Directives that define the parameters of the 'main' or 'default' server,
# which responds to requests that aren't handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do not begin
# with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
# with ServerRoot set to "/etc/httpd" will be interpreted by the
# server as "/etc/httpd/logs/foo.log".
### Section 1: Global Environment
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
# Don't give away too much information about all the subcomponents
# we are running. Comment out this line if you don't mind remote sites
# finding out what major optional modules you are running
ServerTokens OS
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation
# (available at <URL:http://httpd.apache.org/docs-2.0/mod/mpm_common.html#lockfile>);
# you will save yourself a lot of trouble.
# Do NOT add a slash at the end of the directory path.
ServerRoot "/etc/httpd"
# PidFile: The file in which the server should record its process
# identification number when it starts.
PidFile run/httpd.pid
# Timeout: The number of seconds before receives and sends time out.
Timeout 120
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
KeepAlive Off
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
MaxKeepAliveRequests 100
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
KeepAliveTimeout 15
## Server-Pool Size Regulation (MPM specific)
# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# ServerLimit: maximum value for MaxClients for the lifetime of the server
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule prefork.c>
StartServers 8
MinSpareServers 5
MaxSpareServers 20
ServerLimit 256
MaxClients 256
MaxRequestsPerChild 4000
</IfModule>
# worker MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule worker.c>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, in addition to the default. See also the <VirtualHost>
# directive.
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#Listen 12.34.56.78:80
Listen 80
# Dynamic Shared Object (DSO) Support
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available before they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
# Example:
# LoadModule foo_module modules/mod_foo.so
LoadModule access_module modules/mod_access.so
LoadModule auth_module modules/mod_auth.so
LoadModule auth_anon_module modules/mod_auth_anon.so
LoadModule auth_dbm_module modules/mod_auth_dbm.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule auth_ldap_module modules/mod_auth_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule asis_module modules/mod_asis.so
LoadModule info_module modules/mod_info.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule imap_module modules/mod_imap.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule dav_svn_module /usr/lib/httpd/modules/mod_dav_svn.so
LoadModule authz_svn_module /usr/lib/httpd/modules/mod_authz_svn.so
# Load config files from the config directory "/etc/httpd/conf.d".
Include conf.d/*.conf
# ExtendedStatus controls whether Apache will generate "full" status
# information (ExtendedStatus On) or just basic information (ExtendedStatus
# Off) when the "server-status" handler is called. The default is Off.
#ExtendedStatus On
### Section 2: 'Main' server configuration
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
# User/Group: The name (or #number) of the user/group to run httpd as.
# . On SCO (ODT 3) use "User nouser" and "Group nogroup".
# . On HPUX you may not be able to use shared memory as nobody, and the
# suggested workaround is to create a user www and use that user.
# NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
# when the value of (unsigned)Group is above 60000;
# don't use Group #-1 on these systems!
User apache
Group apache
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. [email protected]
ServerAdmin [Email]root@localhost[Email]
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
# If this is not set to valid DNS name for your host, server-generated
# redirections will not work. See also the UseCanonicalName directive.
# If your host doesn't have a registered DNS name, enter its IP address here.
# You will have to access it by its address anyway, and this will make
# redirections work in a sensible way.
ServerName ext02:80
# UseCanonicalName: Determines how Apache constructs self-referencing
# URLs and the SERVER_NAME and SERVER_PORT variables.
# When set "Off", Apache will use the Hostname and Port supplied
# by the client. When set "On", Apache will use the value of the
# ServerName directive.
UseCanonicalName Off
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
DocumentRoot "/var/www/html"
# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
# First, we configure the "default" to be a very restrictive set of
# features.
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
# This should be changed to whatever you set DocumentRoot to.
<Directory "/var/www/html">
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
# Note that "MultiViews" must be named explicitly --- "Options All"
# doesn't give it to you.
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#options
# for more information.
Options Indexes FollowSymLinks
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
AllowOverride None
# Controls who can get stuff from this server.
Order allow,deny
Allow from all
</Directory>
# UserDir: The name of the directory that is appended onto a user's home
# directory if a ~user request is received.
# The path to the end user account 'public_html' directory must be
# accessible to the webserver userid. This usually means that ~userid
# must have permissions of 711, ~userid/public_html must have permissions
# of 755, and documents contained therein must be world-readable.
# Otherwise, the client will only receive a "403 Forbidden" message.
# See also: http://httpd.apache.org/docs/misc/FAQ.html#forbidden
<IfModule mod_userdir.c>
# UserDir is disabled by default since it can confirm the presence
# of a username on the system (depending on home directory
# permissions).
UserDir disable
# To enable requests to /~user/ to serve the user's public_html
# directory, remove the "UserDir disable" line above, and uncomment
# the following line instead:
#UserDir public_html
</IfModule>
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#<Directory /home/*/public_html>
# AllowOverride FileInfo AuthConfig Limit
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
# <Limit GET POST OPTIONS>
# Order allow,deny
# Allow from all
# </Limit>
# <LimitExcept GET POST OPTIONS>
# Order deny,allow
# Deny from all
# </LimitExcept>
#</Directory>
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
# The index.html.var file (a type-map) is used to deliver content-
# negotiated documents. The MultiViews Option can be used for the
# same purpose, but it is much slower.
DirectoryIndex index.php index.html index.html.var
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
AccessFileName .htaccess
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
# TypesConfig describes where the mime.types file (or equivalent) is
# to be found.
TypesConfig /etc/mime.types
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
DefaultType text/plain
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
<IfModule mod_mime_magic.c>
# MIMEMagicFile /usr/share/magic.mime
MIMEMagicFile conf/magic
</IfModule>
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
HostnameLookups Off
# EnableMMAP: Control whether memory-mapping is used to deliver
# files (assuming that the underlying OS supports it).
# The default is on; turn this off if you serve from NFS-mounted
# filesystems. On some systems, turning it off (regardless of
# filesystem) can improve performance; for details, please see
# http://httpd.apache.org/docs-2.0/mod/core.html#enablemmap
#EnableMMAP off
# EnableSendfile: Control whether the sendfile kernel support is
# used to deliver files (assuming that the OS supports it).
# The default is on; turn this off if you serve from NFS-mounted
# filesystems. Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#enablesendfile
#EnableSendfile off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you do define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog logs/error_log
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you do
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and not in this file.
#CustomLog logs/access_log common
# If you would like to have agent and referer logfiles, uncomment the
# following directives.
#CustomLog logs/referer_log referer
#CustomLog logs/agent_log agent
# For a single logfile with access, agent, and referer information
# (Combined Logfile Format), use the following directive:
CustomLog logs/access_log combined
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
ServerSignature On
# Aliases: Add here as many aliases as you need (with no limit). The format is
# Alias fakename realname
# Note that if you include a trailing / on fakename then the server will
# require it to be present in the URL. So "/icons" isn't aliased in this
# example, only "/icons/". If the fakename is slash-terminated, then the
# realname must also be slash terminated, and if the fakename omits the
# trailing slash, the realname must also omit it.
# We include the /icons/ alias for FancyIndexed directory listings. If you
# do not use FancyIndexing, you may comment this out.
Alias /icons/ "/var/www/icons/"
Alias /admin "/home/boss4/web/geoland/admin/"
Alias /bboard "/home/boss4/web/phpBB3/"
<Directory "/var/www/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory "/home/boss4/web/geoland/admin">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory "/home/boss4/web/phpBB3">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
# WebDAV module configuration section.
<IfModule mod_dav_fs.c>
# Location of the WebDAV lock database.
DAVLockDB /var/lib/dav/lockdb
</IfModule>
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the realname directory are treated as applications and
# run by the server when requested rather than as documents sent to the client.
# The same rules about trailing "/" apply to ScriptAlias directives as to
# Alias.
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
# "/var/www/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
# Redirect allows you to tell clients about documents which used to exist in
# your server's namespace, but do not anymore. This allows you to tell the
# clients where to look for the relocated document.
# Example:
# Redirect permanent /foo http://www.example.com/bar
# Directives controlling the display of server-generated directory listings.
# IndexOptions: Controls the appearance of server-generated directory
# listings.
IndexOptions FancyIndexing VersionSort NameWidth=*
# AddIcon* directives tell the server which icon to show for different
# files or filename extensions. These are only displayed for
# FancyIndexed directories.
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
# DefaultIcon is which icon to show for files which do not have an icon
# explicitly set.
DefaultIcon /icons/unknown.gif
# AddDescription allows you to place a short description after a file in
# server-generated indexes. These are only displayed for FancyIndexed
# directories.
# Format: AddDescription "description" filename
#AddDescription "GZIP compressed document" .gz
#AddDescription "tar archive" .tar
#AddDescription "GZIP compressed tar archive" .tgz
# ReadmeName is the name of the README file the server will look for by
# default, and append to directory listings.
# HeaderName is the name of a file which should be prepended to
# directory indexes.
ReadmeName README.html
HeaderName HEADER.html
# IndexIgnore is a set of filenames which directory indexing should ignore
# and not include in the listing. Shell-style wildcarding is permitted.
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
# DefaultLanguage and AddLanguage allows you to specify the language of
# a document. You can then use content negotiation to give a browser a
# file in a language the user can understand.
# Specify a default language. This means that all data
# going out without a specific language tag (see below) will
# be marked with this one. You probably do NOT want to set
# this unless you are sure it is correct for all cases.
# * It is generally better to not mark a page as
# * being a certain language than marking it with the wrong
# * language!
# DefaultLanguage nl
# Note 1: The suffix does not have to be the same as the language
# keyword --- those with documents in Polish (whose net-standard
# language code is pl) may wish to use "AddLanguage pl .po" to
# avoid the ambiguity with the common suffix for perl scripts.
# Note 2: The example entries below illustrate that in some cases
# the two character 'Language' abbreviation is not identical to
# the two character 'Country' code for its country,
# E.g. 'Danmark/dk' versus 'Danish/da'.
# Note 3: In the case of 'ltz' we violate the RFC by using a three char
# specifier. There is 'work in progress' to fix this and get
# the reference data for rfc1766 cleaned up.
# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
# Norwegian (no) - Polish (pl) - Portugese (pt)
# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)
AddLanguage ca .ca
AddLanguage cs .cz .cs
AddLanguage da .dk
AddLanguage de .de
AddLanguage el .el
AddLanguage en .en
AddLanguage eo .eo
AddLanguage es .es
AddLanguage et .et
AddLanguage fr .fr
AddLanguage he .he
AddLanguage hr .hr
AddLanguage it .it
AddLanguage ja .ja
AddLanguage ko .ko
AddLanguage ltz .ltz
AddLanguage nl .nl
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddLanguage pt .pt
AddLanguage pt-BR .pt-br
AddLanguage ru .ru
AddLanguage sv .sv
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw
# LanguagePriority allows you to give precedence to some languages
# in case of a tie during content negotiation.
# Just list the languages in decreasing order of preference. We have
# more or less alphabetized them here. You probably want to change this.
LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
# ForceLanguagePriority allows you to serve a result page rather than
# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
# [in case no accepted languages matched the available variants]
ForceLanguagePriority Prefer Fallback
# Specify a default charset for all pages sent out. This is
# always a good idea and opens the door for future internationalisation
# of your web site, should you ever want it. Specifying it as
# a default does little harm; as the standard dictates that a page
# is in iso-8859-1 (latin1) unless specified otherwise i.e. you
# are merely stating the obvious. There are also some security
# reasons in browsers, related to javascript and URL parsing
# which encourage you to always set a default char set.
AddDefaultCharset UTF-8
# Commonly used filename extensions to character sets. You probably
# want to avoid clashes with the language extensions, unless you
# are good at carefully testing your setup after each change.
# See http://www.iana.org/assignments/character-sets for the
# official list of charset names and their respective RFCs.
AddCharset ISO-8859-1 .iso8859-1 .latin1
AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
AddCharset ISO-8859-3 .iso8859-3 .latin3
AddCharset ISO-8859-4 .iso8859-4 .latin4
AddCharset ISO-8859-5 .iso8859-5 .latin5 .cyr .iso-ru
AddCharset ISO-8859-6 .iso8859-6 .latin6 .arb
AddCharset ISO-8859-7 .iso8859-7 .latin7 .grk
AddCharset ISO-8859-8 .iso8859-8 .latin8 .heb
AddCharset ISO-8859-9 .iso8859-9 .latin9 .trk
AddCharset ISO-2022-JP .iso2022-jp .jis
AddCharset ISO-2022-KR .iso2022-kr .kis
AddCharset ISO-2022-CN .iso2022-cn .cis
AddCharset Big5 .Big5 .big5
# For russian, more than one charset is used (depends on client, mostly):
AddCharset WINDOWS-1251 .cp-1251 .win-1251
AddCharset CP866 .cp866
AddCharset KOI8-r .koi8-r .koi8-ru
AddCharset KOI8-ru .koi8-uk .ua
AddCharset ISO-10646-UCS-2 .ucs2
AddCharset ISO-10646-UCS-4 .ucs4
AddCharset UTF-8 .utf8
# The set below does not map to a specific (iso) standard
# but works on a fairly wide range of browsers. Note that
# capitalization actually matters (it should not, but it
# does for some browsers).
# See http://www.iana.org/assignments/character-sets
# for a list of sorts. But browsers support few.
AddCharset GB2312 .gb2312 .gb
AddCharset utf-7 .utf7
AddCharset utf-8 .utf8
AddCharset big5 .big5 .b5
AddCharset EUC-TW .euc-tw
AddCharset EUC-JP .euc-jp
AddCharset EUC-KR .euc-kr
AddCharset shift_jis .sjis
# AddType allows you to add to or override the MIME configuration
# file mime.types for specific file types.
#AddType application/x-tar .tgz
# AddEncoding allows you to have certain browsers uncompress
# information on the fly. Note: Not all browsers support this.
# Despite the name similarity, the following Add* directives have nothing
# to do with the FancyIndexing customization directives above.
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#AddHandler cgi-script .cgi
# For files that include their own HTTP headers:
#AddHandler send-as-is asis
# For server-parsed imagemap files:
AddHandler imap-file map
# For type maps (negotiated resources):
# (This is enabled by default to allow the Apache "It Worked" page
# to be distributed in multiple languages.)
AddHandler type-map var
# Filters allow you to process content before it is sent to the client.
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
# Action lets you define media types that will execute a script whenever
# a matching file is called. This eliminates the need for repeated URL
# pathnames for oft-used CGI file processors.
# Format: Action media/type /cgi-script/location
# Format: Action handler-name /cgi-script/location
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
# Putting this all together, we can internationalize error responses.
# We use Alias to redirect any /error/HTTP_<error>.html.var response to
# our collection of by-error message multi-language collections. We use
# includes to substitute the appropriate text.
# You can modify the messages' appearance without changing any of the
# default HTTP_<error>.html.var files by adding the line:
# Alias /error/include/ "/your/include/path/"

Please note: I AM USING:
JkOptions ForwardKeySize ForwardURICompat -ForwardDirectories
And that's what's supposed to fix this problem in the first place, right??

Access denied (java.io.FilePermission c:\hello.html read

hi all,
i'm trying to run an application in web start which runs otherwise absolutely fine.i have made a tree application .if i press a link in a node it opens another page in jeditor pane which is on the other side of the split pane.every time i try to open a page it gives me the following exception
Exception occurred during event dispatching:
java.security.AccessControlException: access denied (java.io.FilePermission c:\Program Files\Apache Tomcat 4.0\webapps\web\hello.html read)
     at java.security.AccessControlContext.checkPermission(Unknown Source)
     at java.security.AccessController.checkPermission(Unknown Source)
     at java.lang.SecurityManager.checkPermission(Unknown Source)
     at java.lang.SecurityManager.checkRead(Unknown Source)
     at java.io.File.isDirectory(Unknown Source)
     at sun.net.www.protocol.file.FileURLConnection.connect(Unknown Source)
     at sun.net.www.protocol.file.FileURLConnection.initializeHeaders(Unknown Source)
     at sun.net.www.protocol.file.FileURLConnection.getHeaderField(Unknown Source)
     at sun.net.www.URLConnection.getContentType(Unknown Source)
     at javax.swing.JEditorPane.getStream(Unknown Source)
     at javax.swing.JEditorPane.setPage(Unknown Source)
     at browser.HelpPanel.displayURL(HelpPanel.java:156)
     at browser.HelpPanel.access$000(HelpPanel.java:37)
     at browser.HelpPanel$2.valueChanged(HelpPanel.java:74)
     at javax.swing.JTree.fireValueChanged(Unknown Source)
     at javax.swing.JTree$TreeSelectionRedirector.valueChanged(Unknown Source)
     at javax.swing.tree.DefaultTreeSelectionModel.fireValueChanged(Unknown Source)
     at javax.swing.tree.DefaultTreeSelectionModel.notifyPathChange(Unknown Source)
     at javax.swing.tree.DefaultTreeSelectionModel.setSelectionPaths(Unknown Source)
i have given permissions for file io in jdk1.3 jre,tomcat 's catalina as well as in the java.policy file for this particular application which is in the jar folder but no use.can anybody tell me the solution.following is the content of my policy file.
grant {
permission java.net.SocketPermission "*:1024-65535",
"connect,accept,resolve";
permission java.net.SocketPermission "*:80", "connect";
permission java.security.AllPermission;
permission java.util.PropertyPermission "os.name", "read";
     permission java.util.PropertyPermission "os.version", "read";
     permission java.util.PropertyPermission "os.arch", "read";
     permission java.util.PropertyPermission "file.separator", "read";
     permission java.util.PropertyPermission "path.separator", "read";
     permission java.util.PropertyPermission "line.separator", "read";
permission java.util.PropertyPermission "user.dir", "read";
permission java.util.PropertyPermission "dir", "read";
permission java.io.FilePermission "c:\Program Files\Apache Tomcat 4.0\webapps\web\", "read,write,execute";
thanks

Hi sangeeta,
I am working on java web start and have posted a query at the following link
http://forum.java.sun.com/thread.jsp?forum=38&thread=328294
I read your question and I found it similar to my problem.
I was wondering if you could temm me exactly what file you had to modify under web start and what was the line that you had to put in.
If the question is ambiguous .... and as an after thot it does look kinda that way please lemme know.
Thanks
Shahid
hi all,
i'm trying to run an application in web start which
runs otherwise absolutely fine.i have made a tree
application .if i press a link in a node it opens
another page in jeditor pane which is on the other
side of the split pane.every time i try to open a page
it gives me the following exception
Exception occurred during event dispatching:
java.security.AccessControlException: access denied
(java.io.FilePermission c:\Program Files\Apache Tomcat
4.0\webapps\web\hello.html read)
at
java.security.AccessControlContext.checkPermission(Unk
own Source)
at
java.security.AccessController.checkPermission(Unknown
Source)
at java.lang.SecurityManager.checkPermission(Unknown
Source)
at java.lang.SecurityManager.checkRead(Unknown
Source)
     at java.io.File.isDirectory(Unknown Source)
at
sun.net.www.protocol.file.FileURLConnection.connect(Un
nown Source)
at
sun.net.www.protocol.file.FileURLConnection.initialize
eaders(Unknown Source)
at
sun.net.www.protocol.file.FileURLConnection.getHeaderF
eld(Unknown Source)
at sun.net.www.URLConnection.getContentType(Unknown
Source)
     at javax.swing.JEditorPane.getStream(Unknown Source)
     at javax.swing.JEditorPane.setPage(Unknown Source)
     at browser.HelpPanel.displayURL(HelpPanel.java:156)
     at browser.HelpPanel.access$000(HelpPanel.java:37)
at
browser.HelpPanel$2.valueChanged(HelpPanel.java:74)
at javax.swing.JTree.fireValueChanged(Unknown
Source)
at
javax.swing.JTree$TreeSelectionRedirector.valueChanged
Unknown Source)
at
javax.swing.tree.DefaultTreeSelectionModel.fireValueCh
nged(Unknown Source)
at
javax.swing.tree.DefaultTreeSelectionModel.notifyPathC
ange(Unknown Source)
at
javax.swing.tree.DefaultTreeSelectionModel.setSelectio
Paths(Unknown Source)
i have given permissions for file io in jdk1.3
jre,tomcat 's catalina as well as in the java.policy
file for this particular application which is in the
jar folder but no use.can anybody tell me the
solution.following is the content of my policy file.
grant {
permission java.net.SocketPermission
ion "*:1024-65535",
"connect,accept,resolve";
permission java.net.SocketPermission "*:80",
0", "connect";
permission java.security.AllPermission;
permission java.util.PropertyPermission
ssion "os.name", "read";
permission java.util.PropertyPermission "os.version",
"read";
permission java.util.PropertyPermission "os.arch",
"read";
permission java.util.PropertyPermission
"file.separator", "read";
permission java.util.PropertyPermission
"path.separator", "read";
permission java.util.PropertyPermission
"line.separator", "read";
permission java.util.PropertyPermission
ssion "user.dir", "read";
permission java.util.PropertyPermission "dir",
dir", "read";
permission java.io.FilePermission "c:\Program
ogram Files\Apache Tomcat 4.0\webapps\web\",
"read,write,execute";
thanks

How to protect an application running on Apache Tomcat app server with OAM 11gR2

Gurus,
We have an Apache Tomcat based application named "ABCD" here at client site that we want OAM 11gR2 PS1 to integrate with for SSO purposes. I have successfully configured OHS to reverse proxy requests to Apache Tomcat server whenever somebody tries to access the application URL but still, I am getting the application login page once I have successfully authenticated on OAM SSO login page. The Tomcat based application is authenticating users against a "UserDatabase realm".
I know in terms of weblogic application, there is an OAM identity asserter provider which then populates the User Principal for the java environment with the authenticated OAM user. But there is no such OAM identity provider for Tomcat.
So my question is, is there an provider (or Tomcat equivalent) which will entrust authentication to a header, that could be used to populate the Java User Principal from the OAM_REMOTE_USER header? Is the weblogic equivalent of authentication providers present in tomcat as well? Are those called valves?
Please advise to the earliest.
Thanks !!

Aakash,
I did follow the 4 steps that you mentioned to me. Out of the 4 that you had mentioned, I already had the webgate in place on OHS server and I was already passing the remote_user http header in oam policy as action.
As part of Step #2: Install mod_jk plugin on OHS server that you mentioned
1.) I downloaded the tomcat connector - tomcat-connectors-1.2.37-src
2.) I had to run ./configure,make, make install on my OHS server which runs on RHEL 6. It created the mod_jk.so file. I pasted it in the needed folder.
3.) I then created the httpd.conf file and workers.properties file as said in the connector docs.
4.) Restarted OHS.
As part of Step #3: Configure tomcat's ajp connector that you mentioned and I went through all the links pasted below but didn't find actually what needs to be in place to configure tomcat's ajp connector. I do see in the server.xml of tomcat app server that the ajp 1.3 protocol is supported:
http://tomcat.apache.org/tomcat-4.0-doc/config/ajp.html
http://tomcat.apache.org/tomcat-3.3-doc/mod_jk-howto.html#s8
http://tomcat.apache.org/tomcat-7.0-doc/config/ajp.html
http://www.mulesoft.com/understanding-tomcat-connectors

    <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
Do we need to disable the HTTP protocol in Tomcat and keep only AJP connector enabled? If yes, how to do that?
I am trying to connect to the application from OHS server like so I am using the http protocal right? How should I use the ajp protocol to connect to tomcat application?
http://ohs-host:ohs-port/abcd
Thanks !!!!!

Apache/Tomcat Access denied????

Similar Messages

Maybe you are looking for