tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mark H. Wood" <mw...@IUPUI.Edu>
Subject Re: Denying IPs using the Valve command in context.xml
Date Wed, 05 Oct 2011 13:57:04 GMT
Part of the problem with this valve is that regex matching is such a
(IMHO) bizarre choice for IP address matching.  IP addresses have a
structure which is very unlike text, and the customary and expected
matches take a bit of finagling to do in regexes.

I should try writing netmask and CIDR address matchers.

Likewise the hostname valve.  Domain names also are structured, and
people who have just discovered the valve may be expecting quite a
different type of matching than what they get.  I had to read the
documentation very slowly and carefully before I could get the
customary match styles out of my head.

Again, I should try writing a DNS-style globber.  It might be fun.
(But don't hold your breath waiting for it.)

-- 
Mark H. Wood, Lead System Programmer   mwood@IUPUI.Edu
Asking whether markets are efficient is like asking whether people are smart.

Mime
View raw message