
Re: Security Flaw in Enhydra ??: msg#00035

java.enhydra.general

Subject: Re: Security Flaw in Enhydra ??

Hi,

zungmann@xxxxxxx wrote:
Try this:
1. Create new web application with appWizard. e.g.: application created
under: /root/myProjects/sampleApp/
2. Add the application to Enhydra Multiserver using admin console:
- Application Type: War
- Name: /root/myProjects/sampleApp/output/lib/sampleApp.war
- Document Root: /
3. Create connection
- Connection method: http
- URL prefix: /sampleApp or any appropriate
- Choose any port appropriate
4. Start the application
Now, try to access the application with your browser. e.g.:
http://localhost:10000/sampleApp, and WOW, you can browse root directory of
your file system!!
Is this some kind of bug??


This isn't really an Enhydra issue. Apache will do the same thing (allow you to browse your entire file system) if you set DocumentRoot to "/". You should set DocumentRoot to something a bit more restricted...

Scott
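The over-broad document root Scott describes can be caught before the server is started. The following is an added example, not code from this thread, Enhydra or Apache: it lints Apache-style DocumentRoot directives (global and per VirtualHost), flagging a root of "/" or any root under which system directories would be served. The SENSITIVE_DIRS list and SAMPLE_CONFIG are assumptions constructed for the example.

```python
import os
import re

# Directive patterns, case-insensitive, path optionally quoted.
_DOCROOT = re.compile(r'^\s*DocumentRoot\s+"?([^"\s]+)"?\s*$', re.I)
_VHOST_OPEN = re.compile(r'^\s*<VirtualHost\s+([^>]+)>', re.I)
_VHOST_CLOSE = re.compile(r'^\s*</VirtualHost>', re.I)

# Directories that must never lie inside a served tree (assumed list).
SENSITIVE_DIRS = ("/etc", "/root", "/home", "/var/log", "/proc")

def _contains(root, path):
    """True if path equals root or lies beneath it (pure path logic)."""
    root, path = os.path.normpath(root), os.path.normpath(path)
    return path == root or path.startswith(root.rstrip("/") + "/")

def audit_document_roots(config_text):
    """Return (scope, docroot, reason) for every over-broad DocumentRoot."""
    findings, scope = [], "server"
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0]  # drop trailing comments
        if _VHOST_OPEN.match(line):
            scope = _VHOST_OPEN.match(line).group(1).strip()
        elif _VHOST_CLOSE.match(line):
            scope = "server"
        elif _DOCROOT.match(line):
            root = os.path.normpath(_DOCROOT.match(line).group(1))
            if root == "/":
                findings.append((scope, root, "document root is the filesystem root"))
            else:
                exposed = [d for d in SENSITIVE_DIRS if _contains(root, d)]
                if exposed:
                    findings.append((scope, root, "exposes " + ", ".join(exposed)))
    return findings

# Constructed sample config: the first two roots reproduce the thread's problem,
# the third is restricted to the application's own output tree.
SAMPLE_CONFIG = """DocumentRoot "/"                 # global default, serves the whole disk
<VirtualHost *:10000>
    DocumentRoot /var            # would serve /var/log
</VirtualHost>
<VirtualHost *:8080>
    DocumentRoot "/root/myProjects/sampleApp/output/"
</VirtualHost>
"""

if __name__ == "__main__":
    for scope, root, reason in audit_document_roots(SAMPLE_CONFIG):
        print(f"[{scope}] DocumentRoot {root}: {reason}")
```

The containment check is pure string logic on normalised paths; symlinks inside the served tree are a separate concern that this lint does not cover.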

