You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by lorenzo medici <me...@pm-medici.ch> on 2015/04/06 12:20:46 UTC
resources not more available after setting RemoteAddrValve
Hi
i work on an ubuntu system:
OS Name: Linux
OS Version: 2.6.32-042stab094.7
Architecture: amd64
With tomcat Server
Server number: 7.0.26.0
JVM Version: 1.7.0_72-b14
After setting the RemoteAddrValve:
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.0\.0\.1|85.25.XX.XX" deny=""/>
Tomcat works but all resources will not be showed anymore. Without the valve it works.
Checking the processes and the owner tf this processes and the owner to the directories where the resource (images) are located i see that both have the same user.
Processes:
...
* Tomcat servlet engine is running with pid 13966
…
root 1353 0.0 0.0 1573568 2480 ? Sl Feb10 0:01 /usr/sbin/conso
root 1421 0.0 0.0 190640 1860 ? Sl Feb10 0:00 /usr/lib/policy
proftpd 4967 0.0 0.0 94840 1952 ? Ss Apr05 0:00 proftpd: (accep
root 5542 0.0 0.0 299596 11784 ? Ss Mar20 0:39 /usr/sbin/apach
www-data 12443 0.0 0.2 326992 35236 ? S Apr05 0:08 /usr/sbin/apach
www-data 13259 0.0 0.2 326040 35740 ? S Apr05 0:06 /usr/sbin/apach
www-data 13907 0.0 0.2 327504 35368 ? S Apr05 0:04 /usr/sbin/apach
tomcat7 13966 0.2 5.6 3982672 710900 ? Sl Apr05 2:52 /usr/lib/jvm/de
www-data 14072 0.0 0.2 323600 30792 ? S Apr05 0:06 /usr/sbin/apach
www-data 14090 0.0 0.2 320996 27876 ? S Apr05 0:05 /usr/sbin/apach
www-data 16871 0.0 0.2 324676 32932 ? S Apr05 0:03 /usr/sbin/apach
www-data 17945 0.0 0.2 322388 31992 ? S 01:20 0:02 /usr/sbin/apach
Directories:
drwxrwxrwx 12 tomcat7 staff 4096 Jan 13 15:37 artist
drwxrwxrwx 2 tomcat7 staff 4096 Sep 24 2014 company
drwxrwxrwx 12 tomcat7 staff 4096 Dec 20 02:15 psnt
drwxrwxrwx 9 tomcat7 staff 4096 Jan 27 16:34 user
Can you give me a hint?
Thank you very much for your help.
best regards
Lorenzo
Re: resources not more available after setting RemoteAddrValve
Posted by lorenzo medici <me...@pm-medici.ch>.
Hi
Am 06.04.2015 um 13:07 schrieb Konstantin Kolinko <kn...@gmail.com>:
> 2015-04-06 13:20 GMT+03:00 lorenzo medici <me...@pm-medici.ch>:
>> Hi
>> i work on an ubuntu system:
>> OS Name: Linux
>> OS Version: 2.6.32-042stab094.7
>> Architecture: amd64
>>
>> With tomcat Server
>> Server number: 7.0.26.0
>
> https://wiki.apache.org/tomcat/FAQ/Linux_Unix#Q5
>
>> JVM Version: 1.7.0_72-b14
>>
>> After setting the RemoteAddrValve:
>
> Where? In your web app, or globally?
it's in the server.xml on the path:
Server/Service/Engine/Host
>
>> <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.0\.0\.1|85.25.XX.XX" deny=""/>
>>
>> Tomcat works but all resources will not be showed anymore.
>
> What happens? Error 403, blank page, no connection?
>
> Check access log of Tomcat to see the actual IP address used by your client.
>
> E.g. connecting to localhost on modern computers can use IPv6 address
> (0:0:0:0:0:0:0:1), but your configuration only allows IPv4 one.
>
> Try to explicitly use the IP address in your browser,
> http://127.0.0.1:8080/
>
> See Tomcat log files for any failures.
> E.g. a syntax error in allow/deny regular expression value will cause
> start failure of the Valve.
>
I checked the logs. All images i want to display on the page are called with the GET command and the IP was the one of the browser-client. So now it's clear why the images doesn't be delivered, because the valve was installed on the host -instance. -> the tomcat denied these.
So, then it was clear to set the scope of the valve only to the axis2-application. And this works! THANKS!
>
>> Without the valve it works.
>> Checking the processes and the owner tf this processes and the owner to the directories where the resource (images) are located i see that both have the same user.
>>
>> Processes:
>> ...
>> * Tomcat servlet engine is running with pid 13966
>> …
>>
>> root 1353 0.0 0.0 1573568 2480 ? Sl Feb10 0:01 /usr/sbin/conso
>> root 1421 0.0 0.0 190640 1860 ? Sl Feb10 0:00 /usr/lib/policy
>> proftpd 4967 0.0 0.0 94840 1952 ? Ss Apr05 0:00 proftpd: (accep
>> root 5542 0.0 0.0 299596 11784 ? Ss Mar20 0:39 /usr/sbin/apach
>> www-data 12443 0.0 0.2 326992 35236 ? S Apr05 0:08 /usr/sbin/apach
>> www-data 13259 0.0 0.2 326040 35740 ? S Apr05 0:06 /usr/sbin/apach
>> www-data 13907 0.0 0.2 327504 35368 ? S Apr05 0:04 /usr/sbin/apach
>> tomcat7 13966 0.2 5.6 3982672 710900 ? Sl Apr05 2:52 /usr/lib/jvm/de
>> www-data 14072 0.0 0.2 323600 30792 ? S Apr05 0:06 /usr/sbin/apach
>> www-data 14090 0.0 0.2 320996 27876 ? S Apr05 0:05 /usr/sbin/apach
>> www-data 16871 0.0 0.2 324676 32932 ? S Apr05 0:03 /usr/sbin/apach
>> www-data 17945 0.0 0.2 322388 31992 ? S 01:20 0:02 /usr/sbin/apach
>>
>> Directories:
>> drwxrwxrwx 12 tomcat7 staff 4096 Jan 13 15:37 artist
>> drwxrwxrwx 2 tomcat7 staff 4096 Sep 24 2014 company
>> drwxrwxrwx 12 tomcat7 staff 4096 Dec 20 02:15 psnt
>> drwxrwxrwx 9 tomcat7 staff 4096 Jan 27 16:34 user
>>
>> Can you give me a hint?
>>
>> Thank you very much for your help.
>>
>
>
> Best regards,
> Konstantin Kolinko
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
Again, thank you very much for your hint.
Best regards
Lorenzo Medici
Re: resources not more available after setting RemoteAddrValve
Posted by Konstantin Kolinko <kn...@gmail.com>.
2015-04-06 13:20 GMT+03:00 lorenzo medici <me...@pm-medici.ch>:
> Hi
> i work on an ubuntu system:
> OS Name: Linux
> OS Version: 2.6.32-042stab094.7
> Architecture: amd64
>
> With tomcat Server
> Server number: 7.0.26.0
https://wiki.apache.org/tomcat/FAQ/Linux_Unix#Q5
> JVM Version: 1.7.0_72-b14
>
> After setting the RemoteAddrValve:
Where? In your web app, or globally?
> <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.0\.0\.1|85.25.XX.XX" deny=""/>
>
> Tomcat works but all resources will not be showed anymore.
What happens? Error 403, blank page, no connection?
Check access log of Tomcat to see the actual IP address used by your client.
E.g. connecting to localhost on modern computers can use IPv6 address
(0:0:0:0:0:0:0:1), but your configuration only allows IPv4 one.
Try to explicitly use the IP address in your browser,
http://127.0.0.1:8080/
See Tomcat log files for any failures.
E.g. a syntax error in allow/deny regular expression value will cause
start failure of the Valve.
> Without the valve it works.
> Checking the processes and the owner tf this processes and the owner to the directories where the resource (images) are located i see that both have the same user.
>
> Processes:
> ...
> * Tomcat servlet engine is running with pid 13966
> …
>
> root 1353 0.0 0.0 1573568 2480 ? Sl Feb10 0:01 /usr/sbin/conso
> root 1421 0.0 0.0 190640 1860 ? Sl Feb10 0:00 /usr/lib/policy
> proftpd 4967 0.0 0.0 94840 1952 ? Ss Apr05 0:00 proftpd: (accep
> root 5542 0.0 0.0 299596 11784 ? Ss Mar20 0:39 /usr/sbin/apach
> www-data 12443 0.0 0.2 326992 35236 ? S Apr05 0:08 /usr/sbin/apach
> www-data 13259 0.0 0.2 326040 35740 ? S Apr05 0:06 /usr/sbin/apach
> www-data 13907 0.0 0.2 327504 35368 ? S Apr05 0:04 /usr/sbin/apach
> tomcat7 13966 0.2 5.6 3982672 710900 ? Sl Apr05 2:52 /usr/lib/jvm/de
> www-data 14072 0.0 0.2 323600 30792 ? S Apr05 0:06 /usr/sbin/apach
> www-data 14090 0.0 0.2 320996 27876 ? S Apr05 0:05 /usr/sbin/apach
> www-data 16871 0.0 0.2 324676 32932 ? S Apr05 0:03 /usr/sbin/apach
> www-data 17945 0.0 0.2 322388 31992 ? S 01:20 0:02 /usr/sbin/apach
>
> Directories:
> drwxrwxrwx 12 tomcat7 staff 4096 Jan 13 15:37 artist
> drwxrwxrwx 2 tomcat7 staff 4096 Sep 24 2014 company
> drwxrwxrwx 12 tomcat7 staff 4096 Dec 20 02:15 psnt
> drwxrwxrwx 9 tomcat7 staff 4096 Jan 27 16:34 user
>
> Can you give me a hint?
>
> Thank you very much for your help.
>
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org