tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lintang JP <lintang...@gmail.com>
Subject Re: limiting access to an application where IP filtering is not possible
Date Fri, 02 Dec 2005 02:14:36 GMT
How about using http-header -> HTTP-X-FORWARDED-FOR ?

On 12/2/05, Alexander Voss <avoss@inf.ed.ac.uk> wrote:
>
>
> Hi,
>
> I have to restrict usage of an application
> to a number of selected machines. Problem is
> that these machines are part of a large
> (no, huge) network that sits behind a NAT
> gateway, so I can't just filter for IP addresses
> as the only IP I ever see is the one of the
> gateway. I am assuming that using client
> certificates is the way to go there? However,
> I want to require both a certificate to be present
> and the user to log in using their username and
> password. Question: are the two mechanisms
> orthogonal and does anyone have any pointers or
> configurations file snippets to show how this
> can be configured? Any help much appreciated.
>
> Cheers,
>
> Alex
> --
> Alexander Voss, Research Associate
> School of Informatics, University of Edinburgh
> 1 Buccleuch Place, Edinburgh EH8 9LW
> Office   +44 131 650 4412
> Lab      +44 131 650 8288
> NTRAC    +44 131 537 3363
> Email    avoss@inf.ed.ac.uk
> Homepage http://homepages.inf.ed.ac.uk/avoss
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>


--
-------------------------------------------------------------------
html version :
http://www.psychotazkia.or.id
wml version :
http://wap.psychotazkia.or.id

#365364 Registered Linux User

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message