You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Leo Donahue - PLANDEVX <Le...@mail.maricopa.gov> on 2006/06/08 20:13:23 UTC
RE: [SPAM:] - RE: Restricting access to localhost for an HTTP connector - Email has different SMTP TO: and MIME TO: fields in the email addresses
In your server.xml you will add an address element and specify it as:
127.0.0.1
<!-- Define a non-SSL Coyote HTTP/1.1 Connector on the port
specified
during installation -->
<Connector
address="127.0.0.1"
port="8080" maxThreads="150" minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false" redirectPort="8443"
acceptCount="100"
debug="0" connectionTimeout="20000"
disableUploadTimeout="true" />
Leo
________________________________
From: Mark Claassen [mailto:mclaassen@ocie.net]
Sent: Thursday, June 08, 2006 10:51 AM
To: 'Tomcat Users List'
Subject: [SPAM:] - RE: Restricting access to localhost for an HTTP
connector - Email has different SMTP TO: and MIME TO: fields in the
email addresses
Thanks. I thought I heard that it was possible though the address, but
was not sure. I read this in the docs, but I guess I didn't / don't
understand the short explanation of "address".
________________________________
From: Filip Hanik - Dev Lists [mailto:devlists@hanik.com]
Sent: Thursday, June 08, 2006 1:24 PM
To: Tomcat Users List
Subject: Re: Restricting access to localhost for an HTTP connector
yes, you can bind the connector the 127.0.0.1, meaning it will only
listen on that address
use the "address" attribute in the connector
http://tomcat.apache.org/tomcat-5.5-doc/config/http.html
Mark Claassen wrote:
Is there to configure an HTTP Connector to only allow
connections from
localhost? We have a server that has an HTTPS port that handles
all public
access. However, we would like to leave a non SSL port open for
a
monitoring program we have running on the same machine. We
would like to
not allow anyone else to be able to access the non-SSL port.
I know that the apache webserver has mechanism to do this, but I
was
wondering if a standalone tomcat could also do what we need.
Thanks,
Mark
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
--
Filip Hanik
Re: Restricting access to localhost for an HTTP connector - Email has different SMTP TO: and MIME TO: fields in the email addresses
Posted by Marc Farrow <ma...@gmail.com>.
I think the address tag will accept a regular expression. So you could put
a negative 127.0.01 address entry in there. I am not good at regular
expressions so google them.
On 6/12/06, Mark Claassen <mc...@ocie.net> wrote:
>
> Thanks for all your help and I have gotten it to work. It seems to be,
> however, dependant on the name it is being access by. I was hoping that I
> could just put 127.0.0.1 in there and then it would only accept
> connections
> from the local machine. It turns out that doing this only accepts
> connections that come in with this name.
>
> To clarify what I mean, here is an example:
> Say Tomcat is on a machine called TestMachine.
> If I put "127.0.0.1" in the address field, it accepts connections of the
> form "http: //127.0.0.1/..." only
> It does not accept connections from "http: //TestMachine/...", even though
> the server is this same machine.
> I was hoping that it would accept all connections from the local machine,
> regardless of what the connection was called.
>
> Is there a way to do this? Is this be design? Can IP spoofing get around
> this protection?
>
> Mark
>
> -----Original Message-----
> From: Leo Donahue - PLANDEVX [mailto:LeoDonahue@mail.maricopa.gov]
> Sent: Thursday, June 08, 2006 2:13 PM
> To: Tomcat Users List
> Subject: RE: [SPAM:] - RE: Restricting access to localhost for an HTTP
> connector - Email has different SMTP TO: and MIME TO: fields in the email
> addresses
>
> In your server.xml you will add an address element and specify it as:
> 127.0.0.1
>
> <!-- Define a non-SSL Coyote HTTP/1.1 Connector on the port specified
> during installation -->
> <Connector
> address="127.0.0.1"
> port="8080" maxThreads="150" minSpareThreads="25"
> maxSpareThreads="75"
> enableLookups="false" redirectPort="8443"
> acceptCount="100"
> debug="0" connectionTimeout="20000"
> disableUploadTimeout="true" />
>
>
> Leo
>
> ________________________________
>
> From: Mark Claassen [mailto:mclaassen@ocie.net]
> Sent: Thursday, June 08, 2006 10:51 AM
> To: 'Tomcat Users List'
> Subject: [SPAM:] - RE: Restricting access to localhost for an HTTP
> connector
> - Email has different SMTP TO: and MIME TO: fields in the email addresses
>
>
> Thanks. I thought I heard that it was possible though the address, but
> was not sure. I read this in the docs, but I guess I didn't / don't
> understand the short explanation of "address".
>
>
> ________________________________
>
> From: Filip Hanik - Dev Lists [mailto:devlists@hanik.com]
> Sent: Thursday, June 08, 2006 1:24 PM
> To: Tomcat Users List
> Subject: Re: Restricting access to localhost for an HTTP connector
>
>
> yes, you can bind the connector the 127.0.0.1, meaning it will only
> listen on that address
> use the "address" attribute in the connector
> http://tomcat.apache.org/tomcat-5.5-doc/config/http.html
>
>
> Mark Claassen wrote:
>
> Is there to configure an HTTP Connector to only allow
> connections from
> localhost? We have a server that has an HTTPS port that handles
> all public
> access. However, we would like to leave a non SSL port open for
> a
> monitoring program we have running on the same machine. We
> would like to
> not allow anyone else to be able to access the non-SSL port.
>
> I know that the apache webserver has mechanism to do this, but I
> was
> wondering if a standalone tomcat could also do what we need.
>
> Thanks,
> Mark
>
>
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
>
>
>
> --
>
>
> Filip Hanik
>
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
Marc Farrow
Re: [SPAM:] - RE: Restricting access to localhost for an HTTP connector
- Email has different SMTP TO: and MIME TO: fields in the email addresses
Posted by Mark Thomas <ma...@apache.org>.
Dan Toomey wrote:
> How do I get this tomcat email to stop? I have sent messages to unsubscribe
> to no avail.
You e-mail users-owner@tomcat.apache.org
I have removed you from the list.
Mark
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: [SPAM:] - RE: Restricting access to localhost for an HTTP connector - Email has different SMTP TO: and MIME TO: fields in the email addresses
Posted by Dan Toomey <da...@hotmail.com>.
How do I get this tomcat email to stop? I have sent messages to unsubscribe
to no avail.
-----Original Message-----
From: Leo Donahue - PLANDEVX [mailto:LeoDonahue@mail.maricopa.gov]
Sent: Thursday, June 08, 2006 2:13 PM
To: Tomcat Users List
Subject: RE: [SPAM:] - RE: Restricting access to localhost for an HTTP
connector - Email has different SMTP TO: and MIME TO: fields in the email
addresses
In your server.xml you will add an address element and specify it as:
127.0.0.1
<!-- Define a non-SSL Coyote HTTP/1.1 Connector on the port
specified
during installation -->
<Connector
address="127.0.0.1"
port="8080" maxThreads="150" minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false" redirectPort="8443"
acceptCount="100"
debug="0" connectionTimeout="20000"
disableUploadTimeout="true" />
Leo
________________________________
From: Mark Claassen [mailto:mclaassen@ocie.net]
Sent: Thursday, June 08, 2006 10:51 AM
To: 'Tomcat Users List'
Subject: [SPAM:] - RE: Restricting access to localhost for an HTTP
connector - Email has different SMTP TO: and MIME TO: fields in the
email addresses
Thanks. I thought I heard that it was possible though the address, but
was not sure. I read this in the docs, but I guess I didn't / don't
understand the short explanation of "address".
________________________________
From: Filip Hanik - Dev Lists [mailto:devlists@hanik.com]
Sent: Thursday, June 08, 2006 1:24 PM
To: Tomcat Users List
Subject: Re: Restricting access to localhost for an HTTP connector
yes, you can bind the connector the 127.0.0.1, meaning it will only
listen on that address
use the "address" attribute in the connector
http://tomcat.apache.org/tomcat-5.5-doc/config/http.html
Mark Claassen wrote:
Is there to configure an HTTP Connector to only allow
connections from
localhost? We have a server that has an HTTPS port that handles
all public
access. However, we would like to leave a non SSL port open for
a
monitoring program we have running on the same machine. We
would like to
not allow anyone else to be able to access the non-SSL port.
I know that the apache webserver has mechanism to do this, but I
was
wondering if a standalone tomcat could also do what we need.
Thanks,
Mark
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
--
Filip Hanik
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org