tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: mod_jk - Browser displays HTML Sourcecode
Date Tue, 08 Nov 2011 15:04:20 GMT
Alexander Diedler wrote:
> Hello,
> 
> Something goes wrong. I have a Apache 2.2.1 with mod_jk and a Tomcat 6.0.32.
> So if I connect to the website http://www.test.de/ everything is ok, site
> was displayed. If I try to access http://www.test.de/xyz i get the source
> code from the site it should be displayed, but it was not rendered by the
> browser. If I connect to the tomcat directly with port 8080, the sites will
> be delivered fine to the browser.

That most probably means that the URL mappings for mod_jk are not correct, and that Apache

httpd is serving that content directly.
Look at (or show here) the JkMount lines that should be somewhere in your Apache 
configuration.

At a second level, it also means that you are doing something that is really not 
recommended : allow Apache httpd access to the Tomcat application directories.
That bypasses any security that you may have in Tomcat.
Your current problem is a perfect example : Apache now shows the source code of your JSP 
pages.  Hopefully there is no secret password in there.

Test : (http://www.test.de/xyz)/WEB-INF/web.xml


> 
>  
> 
> In the Apache access log:
> 
> xxx.xxx.214.145 - - [08/Nov/2011:14:44:08 +0100] "GET / HTTP/1.1" 200 23281
> ##OK
> 
> xxx.xxx.214.145 - - [08/Nov/2011:14:44:11 +0100] "GET
> /go/VV4QB69WO9F01A9KGBSYVGNVGHY6T95J HTTP/1.1" 200 88572    ##Not ok,
> sorcecode displayed.
> 
>  
> 
> In the virtual-host.conf:
> 
> ## Tomcatanbindung
> 
>     JkMount /* loadbalancer
> 
> JkOptions +ForwardURICompatUnparsed
> 
> AllowEncodedSlashes On            
> 
>  
> 
>  
> 
> Greetings
> 
> Alexander
> 
>  
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message