cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robin Green" <>
Subject Re: Security:
Date Thu, 21 Sep 2000 22:27:49 GMT
>Using the following setup, I can request and see its
>contents because it seems that Tomcat wants the file in
>each web application directory.
>- am I doing something wrong?

Yes, put it in a WEB-INF directory, then web users will not be able to see 
it. This is defined in the Servlet Spec I believe.

>- is this a security problem in the making?

No. :)

Get Your Private, Free E-mail from MSN Hotmail at

Share information about yourself, create your own public profile at

View raw message