I have found at least a dozen entries for this error even in this forum, and many outside. All are basically saying that inside <Directory></Directory>, I have "deny all" directive, and no "allow" directive.
I cannot write a fixed directory to match because it is created on the fly by a backend tomcat server.
When I entered "myUrl/test/request/user1/1234567890/download", I get
403 Forbidden: You don't have permission to access /test/request/user1/1234567890/download.
httpd error log shows:
[error] [client xxx.xx.xx.xxx] client denied by server configuration: /data/test, referer: myUrl/test/request/user1/1234567890
The part beginning with "test" is created by the backend tomcat, in which "user1" and "1234567890" vary, while the other parts of the directory structure remain fixed.
In my httpd.conf, I do have:
<VirtualHost *:80>
DocumentRoot /data
---
---
RewriteRule ^/test - [L]
---
</VirtualHost>
How do I solve this? Even if I create a different and create another document root, I will need a regex. Somewhere outside , I tried this:
<Directory "/data/test/request/*/*/download">
Options -Indexes -FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
But no success.
I am using "ajp" to talk to backend tomcat and have necessary module in place and I can telnet the backend tomcat server (on 8009) . So it should not be ajp communications problem.
The "test" piece in above url is actually a "context" inside /webapps directory of tomcat. Owner in that "test" context is tomcat, but I have added read permission for everyone.