tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <>
Subject Re: isapi_redirector & protected Diretories
Date Mon, 21 Jan 2008 10:46:32 GMT
Hi Holger,

Holger Burde wrote:
> Hi;
> I did a Netbeans 6 JSF Project recently  which was developed and tested
> with Tomcat6. The final installation was set up with  Tomcat 6.0.14
> behind IIS6 (Connectors / isapi_rediretor (latest version)).
> Running some tests we discovered  that allmost all Javascript was
> filtered out and we got almost blank pages. The Reason was that the
> isapi_redirector filters out every access to any URI which *contains*
> Example : javascript   $CONTEXT/theme/META-INF/json/json.jsf
> This is not THE META-INF config directory - its just a Path which
> accidential contains META-INF !!!
> Is there any way to configure access to such directories or ist his a
> Bug in the isapi_redirector ? From the source it looks like it a
> substring Match which filters out anything. Any Comments on this are
> welcome.

No, there is no way to change this via configuration. A context path can 
be multiple-directories, so since we don't know what's exactly deployed 
in the backend, we need to secure all possible WEB-INF and META-INF 

Best would be to not use those names for normal content directories. Not 
only because your isapi redirector problem, but also because admins 
might misinterprete the directories.

If the stuff in the directories is static and you deploy it on IIS 
itself, you can use an exclusion mount for them. That way we don't find 
a worker, and for requests that don't get send to the backend, there is 
no such check. Be careful though, you don't want to expose your real 

> Thanks in advance
> Hb
> Java developer



To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message