tomcat-users mailing list archives

From "Ralph Einfeldt" <ralph.einfe...@uptime-isc.de>
Subject AW: Access-Control for Tomcat-Webserver (Version 4.0.1)
Date Fri, 07 Jun 2002 06:09:37 GMT
Depending on how well you want to disable access from the outside
and what the outside is (other departments, internet), there are at
least the following options:

- Use org.apache.catalina.valves.RemoteHostValve or
  org.apache.catalina.valves.RemoteAddrValve
  to allow/block certain hosts/IPs.
  Have a look at
  http://jakarta.apache.org/tomcat/tomcat-4.0-doc/config/engine.html
  http://jakarta.apache.org/tomcat/tomcat-4.0-doc/config/valve.html#Remote%20Address%20Filter

- Build your own protection.
  E.g. create a filter that checks if the server port is 8080
  and blocks every request where the client doesn't belong to a
  list of IPs.

- Use authentication
  If you don't want to enter username and password each time
  you log in to the application, you can use client certificates.

- Use a firewall
  To restrict the access inside an intranet it's
  possible to use a (software) firewall on the server
  that disables the port for all IPs outside of the
  department.

> -----Original Message-----
> From: "Bührle, Martin, FCI1" [mailto:martin.buehrle@lfk.eads.net]
> Sent: Thursday, 6 June 2002 18:01
> To: 'tomcat-user@jakarta.apache.org'
> Subject: Access-Control for Tomcat-Webserver (Version 4.0.1)
> 
> The only problem we have, is that you can still reach the 
> content of the CMS-servlet under port 8080 from outside our 
> business unit, because this port is the standard-tomcat 
> HTTP-Server and the apache-access-control doesn't
> work in this case.
> 

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>
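
The "build your own protection" option from the reply above, sketched as a servlet filter. This is an added example, not code from the original message; the class name and the init-param names `guardedPort` and `allowedAddrs` are assumptions, and it is written against the `javax.servlet` API in current Java syntax.

```java
import java.io.IOException;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.*;
import javax.servlet.http.HttpServletResponse;

/** Added example: blocks requests on one connector port unless the client IP is allow-listed. */
public class PortAllowListFilter implements Filter {
    private int guardedPort = 8080;                 // Tomcat's own HTTP connector
    private final Set<String> allowed = new HashSet<String>();

    public void init(FilterConfig cfg) throws ServletException {
        // "guardedPort" and "allowedAddrs" are hypothetical init-param names.
        String port = cfg.getInitParameter("guardedPort");
        String addrs = cfg.getInitParameter("allowedAddrs");
        if (addrs == null || addrs.trim().isEmpty()) {
            throw new ServletException("allowedAddrs is required"); // fail closed
        }
        try {
            if (port != null) guardedPort = Integer.parseInt(port.trim());
        } catch (NumberFormatException e) {
            throw new ServletException("guardedPort must be a number", e);
        }
        for (String a : addrs.split(",")) {
            if (!a.trim().isEmpty()) allowed.add(a.trim());
        }
    }

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        // getLocalPort() (Servlet 2.4+) is the port the connection was accepted on.
        // getServerPort() may echo the client's Host header; a Servlet 2.3 container
        // such as Tomcat 4.0 offers only getServerPort().
        boolean guarded = req.getLocalPort() == guardedPort;
        // Exact string match on the peer address; behind a proxy this is the proxy's IP.
        if (guarded && !allowed.contains(req.getRemoteAddr())) {
            ((HttpServletResponse) res).sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        chain.doFilter(req, res);
    }

    public void destroy() { allowed.clear(); }
}
```

The filter takes effect once it is declared in the web application's `web.xml` with a `<filter>` entry and a `<filter-mapping>` covering the protected URLs.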

