tomcat-dev mailing list archives

Site index · List index

Message view	« Date » · « Thread »
Top	« Date » · « Thread »
From	bugzi...@apache.org
Subject	DO NOT REPLY [Bug 32696] New: - WEB-INF protection stops IIS
Date	Tue, 14 Dec 2004 15:39:16 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG� RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=32696>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND� INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=32696 Summary: WEB-INF protection stops IIS Product: Tomcat 4 Version: 4.1.30 Platform: PC OS/Version: Windows NT Status: NEW Severity: critical Priority: P2 Component: Unknown AssignedTo: tomcat-dev@jakarta.apache.org ReportedBy: hugomendonca@gmail.com Hi, We are having a strange behavior with Jakarta filter loaded in NT4.0 Enterprise Edition with IIS 4.0. After reproducing the steps the IIS service stops: �telnet (server) 80 GET /WEB-INF./web.xml http/1.1� The output generated is: ################################################################################ ######## HTTP/1.1 403 Forbidden Server: Microsoft-IIS/4.0 Date: Thu, 09 Dec 2004 23:34:29 GMT <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML><HEAD><TITLE >Access forbidden!!</TITLE></HEAD><BODY><H1>Access forbidden!</H1><DL><DD> You do n't have permission to access the requested object.It is either read-protected o r not readable by the server.</DL></DD></BODY></HTML> ################################################################################ ######## In the event viewer is displayed (sounds correct): ################################################################################ ######## Emerg: [jk_isapi_plugin.c (434)]: HttpFilterProc [/web-inf./web.xml] points to the web-inf or meta-inf directory. Somebody try to hack into the site!!! ################################################################################ ######## If Jakarta filter is not loaded there is no problem. We are using jakarta- tomcat-connectors jk 1.2.6 win32-IIS. Regards, Hugo Mendon�a -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
Mime	Unnamed text/plain (inline, None, 2513 bytes)
	View raw message