tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From François Conil <>
Subject Multi user setup in a non root environnement
Date Thu, 06 Apr 2006 09:55:27 GMT

I'm currently setting up a tomcat 5.5 serveur behind an apache 1.3 
server using mod_jk, all of this running under freebsd 6.0.

I've got two questions :

1) I managed to successfully run Tomcat under the root account in a 
multi user setup, with .jsp files reachables via and by 
using the PasswdUserDatabase UserConfig.

The problem is that I'm kinda worried about security and running tomcat 
under the root account. I used the -security switch, which seems to work 
great, but is it secure enough ? I don't want my users to walk through 
the whole filesystem if there's some security leak :|

If so, then the following question might just be for "scientific" 
purposes ;)

2) I created a tomcat user and tomcat group, chowned the whole tomcat 
directory to tomcat:tomcat and launched the tomcat server without any 
particular switch after having su-ed to the tomcat user.

The default page works great, but trying to get to or issues a 
404 error from tomcat.

I found little help about this, and I'm quite puzzled about this 404 error.
Does anyone can help me with this ?

Thanks by advance,
François Conil
Administrateur Systèmes et Réseaux
<Pax> I wish my lawn was emo, so it would cut itself.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message