tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexander Voss <>
Subject limiting access to an application where IP filtering is not possible
Date Thu, 01 Dec 2005 17:37:11 GMT


I have to restrict usage of an application
to a number of selected machines. Problem is
that these machines are part of a large
(no, huge) network that sits behind a NAT
gateway, so I can't just filter for IP addresses
as the only IP I ever see is the one of the
gateway. I am assuming that using client
certificates is the way to go there? However,
I want to require both a certificate to be present
and the user to log in using their username and
password. Question: are the two mechanisms
orthogonal and does anyone have any pointers or
configurations file snippets to show how this
can be configured? Any help much appreciated.


Alexander Voss, Research Associate
School of Informatics, University of Edinburgh
1 Buccleuch Place, Edinburgh EH8 9LW
Office   +44 131 650 4412
Lab      +44 131 650 8288
NTRAC    +44 131 537 3363

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message