Changeset 26576

Show
Ignore:
Timestamp:
12.12.2012 14:56:32 (7 years ago)
Author:
ak19
Message:

Deny access to the Greenstone 3 log files, with greenstone.log particularly in mind. The change is made to web.xml, which will make it easier for users to choose to allow public access to these logs if they want to share the contents with the mailing list were they to encounter any GS3 problems.

Files:
1 modified

Legend:

Unmodified
Added
Removed
  • main/trunk/greenstone3/web/WEB-INF/web.xml

    r26517 r26576  
    409409  </mime-mapping> 
    410410 
    411 <!-- Deny access to contents of URL pattern /usersDB/* 
    412 It appears the url pattern has to be relative to the web directory (a url-pattern of /usersDB/* is insufficient), so this may need to be done for all sites. 
     411<!-- Deny access to contents of URL pattern /logs/*, although greenstone.log is the important one. It appears the url pattern has to be relative to the web directory.  
    413412http://stackoverflow.com/questions/5333266/tomcat-deny-access-to-specific-files 
    414413and http://www.coderanch.com/t/84442/Tomcat/write-correct-url-pattern-security --> 
    415414  <security-constraint> 
    416415    <web-resource-collection> 
    417         <web-resource-name>usersDB files</web-resource-name> 
    418         <description>No direct access to usersDB files.</description> 
    419         <url-pattern>/sites/localsite/etc/usersDB/*</url-pattern> 
    420     <!--<url-pattern>/usersDB/*</url-pattern>--> 
     416        <web-resource-name>log files</web-resource-name> 
     417        <description>No direct access to greenstone's logs.</description> 
     418        <url-pattern>/logs/*</url-pattern> 
    421419        <http-method>POST</http-method> 
    422420        <http-method>GET</http-method> 
    423421    </web-resource-collection> 
    424422    <auth-constraint> 
    425         <description>No direct browser access to usersDB files.</description> 
     423        <description>No direct browser access to log files.</description> 
    426424        <role-name>NobodyHasThisRole</role-name> 
    427425    </auth-constraint>