Inside my httpd.conf, my DocumentRoot is /data.
I have a web application running inside Tomcat which creates a part of url, and this url is appended to my Apache url.
Tomcat part: testapp/req/usrX/12345/file
(note: usrX and 12345 are variable)
Apache part:
http://myUrl
When I access
http://myUrl/testapp/req/usrX/12345/file, I get
Code:
403 Forbidden: You don't have permission to access /testapp/req/userX/12345/file in this server
I have read many posts and all seem to say that inside my <Directory> ... </Directory>, I don't have "allow all" directive.
Yes, inside my httpd.conf, I have:
Code:
<Directory>
DocumentRoot /data
--
--
Deny from all
</Directory>
My problem:
I don't know how to write DocumentRoot with regular expression (and include "Allow from all" directive).
I think I need regular expression because the url pattern changes. As mentioned above, usrX and 12345 are variable.
I tried as follows, but failed.
Code:
<Directory "/data/testapp/req/*/*/file">
Options -Indexes -FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Apache server log says:
Code:
[error] [client xxx.xx.xx.xxx] client denied by server configuration: /data, referer: myUrl/testapp/req/userX/12345
I am using "ajp" to talk to backend Tomcat server that generates the second half of the url. I have necessary modules in place ("LoadModule proxy_ajp_modul") and I can telnet the backend Tomcat (on 8009) . So it could not be ajp communications problem.
For the ajp/redirection to work, I have added these lines inside the <VirtualHost> section of httpd.conf.
Code:
<VirtualHost *:80>
DocumentRoot /data
---
---
ProxyPass /testapp ajp://backend_tomcat_url:8009/testapp
ProxyPassReverse /testapp ajp://backend_tomcat_url:8009/testapp
---
</VirtualHost>
File permission on Tomcat context:
"testapp" is a "context" inside /webapps directory of Tomcat.
Owner of the "testapp" context is tomcat, but I have added read permission for everyone.
Would be grateful for some pointers. Thank you.