Have a Question?
Print

Jetty Webserver: HTTP code 403 (Forbidden) shown for symbolically linked Document Base Directories

Problem Description

After installing BBj 20.31 or later, when trying to load URLs that host static web pages, Jetty may return HTTP 403, while the browser displays a page that reads “403 (Forbidden)”.  One possible cause of this problem is if the htdocs directory or other document base directory in the BBj installation is a symbolic link to a different directory.  

Solution

In BBj, Jetty is configured to not follow symbolic links by default for security reasons.  Though this Stackoverflow post  applies to a similar feature in Apache, the risk is the same.  If your installation depends on the web browser being able to follow symbolic links, this option can be enabled in Enterprise Manager under <Server> → BBjServices → Servers → Web → Allow Aliases.  To enable the web server to follow symbolic links,  check Allow Aliases.  The option should take effect immediately without a need to restart BBjServices.

The corresponding property in BBj.properties is com.basis.jetty.AllowAliases, with values of “true” for checked and “false” for unchecked.

 

Table of Contents
Scroll to Top