A common practice is to use a Java application server such as Tomcat in conjunction with an HTTP Web server such as Apache HTTP Server. You can set up application so that Tomcat handles only those requests that involve Java processing, while Apache handles all images, stylesheets, and HTML files.
If you are doing this, you need to map the following URL patterns to the Tomcat server. You would put these mappings into Apache's configuration file,
httpd.conf, or the Apache-Tomcat Connector's configuration file,
workers2.properties. Please refer to the Apache-Tomcat Connector's documentation for complete instructions. Information is available at http://jakarta.apache.org/tomcat/connectors-doc.
These are the patterns that SoftSlate Commerce needs to use for requests involving Java processing.
SoftSlate Commerce's URL Mappings
If you are using a Web server to handle non-Java requests, another critical configuration step is to prevent access to the
WEB-INF directory. That directory holds a number of files that, if exposed to outside users, would compromise security.
If you using a Web server to handle non-Java requests with SoftSlate Commerce, it is critical that you prevent access to SoftSlate Commerce's
Here is an example of a directive for Apache to prevent access to the
WEB-INF directory. This example assumes that you have installed SoftSlate Commerce in a directory named
/var/www/html. (Replace that with the corresponding directory on your server.) You would place this directive in the appropriate place in Apache's configuration file,
<Directory /var/www/html/softslate/WEB-INF/> AllowOverride None Deny from all </Directory>
Copyright © 2005 SoftSlate, Inc. All Rights Reserved.