Centos: Apache needs to read files created by Tomcat

0

After trying a lot of different solutions I came here for some help.

I have a web apps in apache HTTPD which serve the frontend and a Java app in Tomcat in the same server.

The thing is that the files created by Tomcat are not readable by Apache. I mean, the users can upload files in the appache server, it send the files to the Tomcat serve who process some information and storage the files in a public folder so Apache can read it. The thing is that Apache gets 403 on those files.

If I run chmod -R 777 in the img/ directory (where the files are storage) I get access to those files, but every time I upload a new file, the HTTPD doesn't have access to it until I run the command.

I created a group call webusers and I added the tomcat and apache users to it.

If I run ln -l over that directory I get (for the old files)

drwsrwsrwx. 2 tomcat webusers 4096 Aug 16 08:50 337

But when I upload a new file I get:

drwxr-s---. 2 tomcat webusers 4096 Aug 16 14:44 33f

And If I try to open in the browser I get

Forbidden

You don't have permission to access /assets/img/cars/brands/33f1d3f1-0e4b-4924-acc1-11e28bed08a8/c_h_1.jpg on this server.

I tried many chown -R / chmod -R 7777 without success, could you help me to make readable by apache the files created by tomcat?

Faabass

Posted 2017-08-16T19:52:48.553

Reputation: 103

Is Apache being used for anything else? – stdunbar – 2017-08-16T20:11:08.147

No...Just to serve this page – Faabass – 2017-08-16T20:36:06.623

Answers

1

If Apache is only used as a front for Tomcat, the simplest answer would be to have the Apache child processes run as Tomcat. I'm not positive of your CentOS version but looking at a few things it looks like the default Apache2 package would create a config file in /etc/httpd/conf/httpd.conf. From there you want to find the configuration parameter User. In my environment I have something like:

User www-user
Group www

But it's likely your setup will be different. Change the User to your Tomcat user and the Group to the same group that the Tomcat user has. Again, I'm not positive of the location of the Apache configuration file - you may have to search a bit for that. Once you've changed this setting you must restart Apache for it to take effect.

stdunbar

Posted 2017-08-16T19:52:48.553

Reputation: 156

Hi! Thanks! this solve the issue... I change apache user for tomcat and the webusers group.. I'm not sure if this is the best answer because I do not prefer the idea of changing the users, but I run out of options.. I have the same situation in the past and I could make it works (I don;t remember how) So given the current scenario, this fixed my issue! So thanks! – Faabass – 2017-08-16T23:17:02.497

Asked: 2017-08-16T19:52:48.553

Viewed: 517 times

Active: 2017-08-16T20:46:13.027