GlassFish/Tomcat security issue between domain users in linux server (alternate docroot issue)
Let is intend we provide to various users (customers) various domain names (one domain name for one customer) in our glassfish application web server for their job. This glassfish operates in centos 6 web server. Every customer has his customer folder in/ residence (/ home/user1,/ home/user2). Glassfish is mounted in/ usr/glassfish. and also runs as "glassfish" linux customer.
And also every customer (customer) intends to have an alternative docroot (s). Below is is the trouble. Every customer has accessibility just to his residence folder. So it is the area where he intends to have alternative docroot (s) to maintain his information. In order for glassfish to get users' alternative docroots we open users' folders (/ home/user1,/ home/user2) for glassfish. Today, every customer can release his application and also get an additional customer is alternative docroot. Due to the fact that it is the customer establishes alternative docroot folder not the admin.
Below is the large distinction - in apache it is the manager that establishes webserver folders for analysis.
So either my vision is incorrect or just how can it be dealt with?
[EDITED] Here I am speaking about one linux web server with one IP and also one glassfish application web server because linux web server. To provide solutions to our customers we do not install various glassfish web servers we provide various domain names in the very same glassfish web server as I see it is the most effective approach.