tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Jacobson <>
Subject deny access to directory
Date Tue, 30 Aug 2011 13:28:23 GMT

I'm trying to deny access to the .svn directories for my Tomcat 6.0.32
installation (on Windows Server 2003, if that matters), but what I'm
doing isn't working and I need help, please.  I'm using the built-in web
server (i.e. I have not integrated w/ Apache).

My install directory structure looks like this:

.svn/  LICENSE*  NOTICE*  Uninstall.exe*  bin/  conf/  lib/  logs/ 
temp/  tomcat.ico*  webapps/  work/

 .svn/  ROOT/  ROOT.war*  docs/  host-manager/  manager/  tomcat/

.svn/    META-INF/    WEB-INF/   index.jsp  [etc...]

When I request:


It returns the contents of $TOMCAT_DIR/webapps/.svn/entries.  I don't
want Tomcat to return the content of any file in .svn/.

I searched the mailing list and google, and general approach appears to
be adding a security-constraint to web.xml. (e.g.
  So, I tried the following in $TOMCAT_DIR/webapps/ROOT/WEB-INF/web.xml:

      <web-resource-name>svn entries</web-resource-name>

I've also tried adding the same security constraint above to
$TOMCAT_DIR/conf/web.xml, with the same results.

For kicks I also tried an explicit role that doesn't exist (e.g.
"NOBODY"), but that didn't work either.  (aside:  an empty
auth-constraint mean no one is allowed access, correct?)

Can someone please tell me why the above changes did not work?  Or, is
there another way to accomplish what I want (deny access to all files in
.svn directories)?

Also -- I'm puzzled why Tomcat is returning webapps/.svn/entries instead
of ROOT/.svn/entries?

Excerpt from server.xml:

  <Service name="Catalina">
    <Engine name="Catalina" defaultHost="localhost">

      <Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="false"
            xmlValidation="false" xmlNamespaceAware="false">

Robert Jacobson     
Lead System Admin       Solar Dynamics Observatory (SDO)
Bldg 14, E222                             (301) 286-1591 

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message