tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pier P. Fumagalli" <p...@betaversion.org>
Subject Re: Restricting Access to Tomcat 3.x and Tomcat 4.0 Connectors
Date Mon, 05 Mar 2001 06:41:38 GMT
Craig R. McClanahan <Craig.McClanahan@eng.sun.com> wrote:
>> 
>> BARF, Craig :) :) :) Bind your serversocket to the 127.0.0.1 address only,
>> and the trick is done... (if it doesn't work, it's a JVM/OS problem)
> 
> That controls where the *destination* of the client connection can go,
> but not the *origin*.  Look again and find me the appropriate JDK
> methods to call to say "only accept connections from IP address
> a.b.c.d", which was the original question.

But if your concern is to have connections coming ONLY from the localhost
interface (127.0.0.1), that by definition of any TCP-IP stack I've seen so
far can accept connections only from itself... I know, if you want to accept
or reject connections from Ips different from 127.0.0.1, you always have to
open the socket, but if you bind only to 127.0.0.1 you're guaranteed that
all connections can only come from the same interface...
(AFAIK!) :) :) :)

    Pier

-- 
----------------------------------------------------------------------------
Pier Fumagalli  <http://www.betaversion.org/>  <mailto:pier@betaversion.org>


Mime
View raw message