You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Ha...@tietoenator.com on 2008/10/30 06:17:37 UTC

Howto ip-protect a specific url in webapp?

Howto ip-protect a specific url in webapp?

Situation: We have a webapp /foo. It has to be accessible from the whole world. There's a foo's admin interface in /foo/admin. It has to be restricted by IP address so that it's allowed only from x.x.x.x.

I can restrict the whole /foo by using valve in "/etc/tomcat5/Catalina/localhost/foo.xml" but howto protect only /foo/admin?

I just can't figure out how to do this... have tried all the ways I can imagine without a success...


Thanks,

-Harry

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: Howto ip-protect a specific url in webapp?

Posted by Christopher Schultz <ch...@christopherschultz.net>.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Chuck,

Caldarale, Charles R wrote:
>> From: Harri.Paivaniemi@tietoenator.com
>> [mailto:Harri.Paivaniemi@tietoenator.com]
>> Subject: Howto ip-protect a specific url in webapp?
>>
>> I can restrict the whole /foo by using valve in
>> "/etc/tomcat5/Catalina/localhost/foo.xml" but howto protect
>> only /foo/admin?
> 
> Either put the check in the servlet that handles /foo/admin, or write your own valve that extends the existing RemoteAddrValve.

You could also use a filter. URLrewrite will do this for you if you
don't feel like writing one yourself (http://tuckey.org/urlrewrite/).

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkkQycsACgkQ9CaO5/Lv0PDUBgCcCRMOvtPpdTVO7L+3LglnlnDc
rRkAmwWcPLj0QTV7w9I2JekTXPoQWQYa
=DPbQ
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

RE: Howto ip-protect a specific url in webapp?

Posted by "Caldarale, Charles R" <Ch...@unisys.com>.

> From: Harri.Paivaniemi@tietoenator.com
> [mailto:Harri.Paivaniemi@tietoenator.com]
> Subject: Howto ip-protect a specific url in webapp?
>
> I can restrict the whole /foo by using valve in
> "/etc/tomcat5/Catalina/localhost/foo.xml" but howto protect
> only /foo/admin?

Either put the check in the servlet that handles /foo/admin, or write your own valve that extends the existing RemoteAddrValve.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org