tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Maulik S <mauli...@tcs.com>
Subject Problem with the valve configuration
Date Fri, 02 Feb 2007 14:20:02 GMT
Hi All,

In our production we want  Sun One Web server 6.1 and Tomcat combination. 
Almost all things are done.
But I got one problem which i want to discuss.
Basically, I have enabled Single Sign On for web server  and through web 
server App server got connected. The problem is if i know the ip and port 
on which App server running, i can able to connect directly on app server. 



I don't want to do that. Let only the request comes from web server (sun 
one- 6.1) and have the access on app server. So nobody can directly able 
to connect to app server.
I have setup valve in the server.xml and allow only certain ip,but as this 



picks the client ip.(users who access it through internet obviously are 
not allowed with this configuration). But I want even those users also 
should able to connect from internet but only restriction is the request 
should come from web server only.
I have use - className="org.apache.catalina.valves.RemoteAddrValve. I 
think I should have to provide different valve value than 
"RemoteAddrValve".
we have 3 machines(load balancing) for web server,so we want only 3 IP 
should be allowd by Tomcat.
Any expert?  I am sure there is someone who had done this thing.
please let me know the solution.
Your  suggestion would be appreciated.

Thanks
Maulik
=====-----=====-----=====
Notice: The information contained in this e-mail
message and/or attachments to it may contain 
confidential or privileged information. If you are 
not the intended recipient, any dissemination, use, 
review, distribution, printing or copying of the 
information contained in this e-mail message 
and/or attachments to it are strictly prohibited. If 
you have received this communication in error, 
please notify us by reply e-mail or telephone and 
immediately and permanently delete the message 
and any attachments. Thank you



Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message