tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexander Voss <av...@inf.ed.ac.uk>
Subject limiting access to an application where IP filtering is not possible
Date Thu, 01 Dec 2005 17:37:11 GMT

Hi,

I have to restrict usage of an application
to a number of selected machines. Problem is
that these machines are part of a large
(no, huge) network that sits behind a NAT
gateway, so I can't just filter for IP addresses
as the only IP I ever see is the one of the
gateway. I am assuming that using client
certificates is the way to go there? However,
I want to require both a certificate to be present
and the user to log in using their username and
password. Question: are the two mechanisms
orthogonal and does anyone have any pointers or
configurations file snippets to show how this
can be configured? Any help much appreciated.

Cheers,

Alex
-- 
Alexander Voss, Research Associate
School of Informatics, University of Edinburgh
1 Buccleuch Place, Edinburgh EH8 9LW
Office   +44 131 650 4412
Lab      +44 131 650 8288
NTRAC    +44 131 537 3363
Email    avoss@inf.ed.ac.uk
Homepage http://homepages.inf.ed.ac.uk/avoss

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message