tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Denying IPs using the Valve command in context.xml
Date Wed, 05 Oct 2011 22:11:58 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mark,

On 10/5/2011 9:57 AM, Mark H. Wood wrote:
> Part of the problem with this valve is that regex matching is such
> a (IMHO) bizarre choice for IP address matching.  IP addresses have
> a structure which is very unlike text, and the customary and
> expected matches take a bit of finagling to do in regexes.

This was done somewhat recently (can't find the enhancement request at
the moment) so that partial IP address matches could be done. It's
done at the RequestFilterValve level which allows any of the
subclasses to use regular expressions to match pretty much any
allow/deny request property. Take a look a the code to see the level
of reuse it provides. While it may not exactly be the smartest choice
for IP addresses specifically, you don't have to use it for IP
addresses :)

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk6M1i0ACgkQ9CaO5/Lv0PAnuwCfZNhDWns5QDu5Lee+txGP0uU+
iP0An3wBwYz3+DEp7YrfDt1lJM0WfISb
=HZFI
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message