You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2003/10/13 08:42:11 UTC

DO NOT REPLY [Bug 23759] New: - allow web.xml security-constraint to restrict by request-origin-host or used-port

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23759>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23759

allow web.xml security-constraint  to restrict by request-origin-host or used-port

           Summary: allow web.xml security-constraint  to restrict by
                    request-origin-host or used-port
           Product: Tomcat 4
           Version: 4.1.28
          Platform: Other
               URL: http://www.cafesoft.com/products/cams/tomcat-
                    security.html
        OS/Version: Other
            Status: NEW
          Severity: Enhancement
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: hauser@acm.org


it would be great to be able to restrict access by port or origin host or to
have "Deny lists" as described in the above URL e.g. 
to allow a cron-job (struts) action only be triggered from my server's LAN or
such that this particular action can only be triggered if the request to do so
comes in via a specified non-standard port that is not open on my firewall.

P.S.: Is there anywhere a comprehensive description of what can be done with
security-constraints?

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org