问题
I am using Apache (httpd) on my CentOS and deployed my Java/Struts web application on Tomcat6.
I am forwarding requests between Apache to Tomcat using Mod_JK.
To make this work on SSL I followed this stackflow question to make settings httpd.conf, mod_jk.conf.
This is working fine for same web application when I called it using HTTP.
However, through HTTPS I am getting 403 error. When I looked into the logs I found following entry
Directory index forbidden by Options directive: /var/lib/tomcat6/webapps/myapp/, referer:
https://my domain IP
I tried setting Directory in httpd.conf like below but getting the same error
<Directory "/var/lib/tomcat6/webapps/<myapp>">
Options +Indexes FollowSymLinks +ExecCGI
AllowOverride AuthConfig FileInfo
Order allow,deny
Allow from all
</Directory>
Please take a note that I haven't made any changes to Tomcat's Server.xml yet.
Any help.
Edit:
I created dummy index.html and kept it on my application root folder.
Then I requested the same URL from web browser through HTTPS, guess what?
I am able to see my index.html. However, HTTP is working in correct way.
Now can anyone tell me how can I guide apache not to search for any index.html but forward the request to tomcat directly.
Edit-2: When I tried changing Directory Options to "Indexes FollowSymLinks Includes ExecCGI", it started displaying directory lists.
回答1:
There is ssl.conf file present in conf.d folder of the HTTPD. Have you seen that file too?
This file (if present) has higher priority than what is written in httpd.conf file.
Please see if you have provided virtual host setting to that file or wrong settings are written in that file. You can also check by commenting your virual host present in httpd.conf file and check if the 403 error is still coming. If that is the case it is quiet sure that Apache is loading settings from some other file. If 404 error is coming then there might be some other things to set.
来源:https://stackoverflow.com/questions/21308928/getting-403-forbidden-error-while-forwarding-request-of-ssl-from-apache-server