JBoss directory browsing is enabled by default

  • 3730332
  • 11-Sep-2006
  • 16-Mar-2012


Novell Identity Manager Identity Manager 3.0
Novell Identity Manager Identity Manager 3.0.1
Novell exteNd JBoss Application Server 4.0.2


By default, JBoss allows directory browsing. Therefore, if you type the URL http://server:8080/IDMProv/resources/, the list of resources under this URL is displayed.


If you do not want directory browsing to be enabled, go to jboss-4.0.2\server\IDM-Application Context\deploy\jbossweb-tomcat55.sar\conf, and edit the listings entry in the web.xml file:


To suppress the display of resources, change the listings value from true to false.