tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tommy Pham <tommy...@yahoo.com>
Subject Re: How to block part of application based on ip filtering
Date Sun, 24 Aug 2008 14:19:47 GMT

--- On Sun, 8/24/08, Meir Yanovich <meiry242@gmail.com> wrote:

> From: Meir Yanovich <meiry242@gmail.com>
> Subject: How to block part of application based on ip filtering
> To: users@tomcat.apache.org
> Date: Sunday, August 24, 2008, 7:38 AM
> Hello all
> im using tomcat as the web server , and i have reverse
> proxy that
> redirect to the tomcat
> i like to be able to restrict the users that redirected
> from the
> reverse proxy server to be able to
> enter only one section of the application .
> now i was reading the configuration and i found only the
> possibility
> to allow / deny based on ip with :
> org.apache.catalina.valves.RemoteAddrValve , but how can i
> allow from
> ip x to enter only section Y of the application .
> thanks
> 

Hi Meir,

I think the only possible approach is within the application itself since you want to limit
access to certain portions of the application.  You can use the request.getRemoteAddr() of
the HttpServletRequest.  If you store the information (URL & IP) in the database, you
can change it dynamically as you need to :).  Also, you can log for repeated attempts of hacking
;)

Regards,
Tommy

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message