You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Karthik Nanjangude <ka...@xius-bcgi.com> on 2009/04/21 07:33:49 UTC
Apache / Tomcat Load Balanced mode
Hi
Would the same work with Apache / Tomcat Load Balanced mode
Configuration for single installation of the web application "acme"
"www.acme.com" being exposed to INTERNET
"www.acme.com/admin" being exposed to INTRANET
Reason : The application uses a single DB to request of orders (from Subscribers) and same URL with
*admin* would process the orders ( Internal Employees)
and should not be exposed to outside world.
Is there any Configuration with in Apache or Tomcat to achieve the same?
With regards
Karthik
RE: R: Apache / Tomcat Load Balanced mode
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: André Warnier [mailto:aw@ice-sa.com]
> Subject: Re: R: Apache / Tomcat Load Balanced mode
>
> > http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html
> > Remote Address Filter or Remote Host Filter
> >
> Wait, does that not block *all* accesses to that host ?
Yes, which is why I suggested a filter, which could be configured for just "/admin/*". I'm not aware of any means of configuring valves for specific URL patterns.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: R: Apache / Tomcat Load Balanced mode
Posted by Mark Thomas <ma...@apache.org>.
André Warnier wrote:
> Mark Thomas wrote:
>> André Warnier wrote:
>>> Mark Thomas wrote:
>> I'd assumed that admin was a separate context and therefore could have a
>> valve applied. If not, just do it in httpd.
>>
> Do you mean that the <Valve> can be inserted at the context.xml level,
> rather than inside the <Host> ?
Yes. Valves are valid at Engine, Host and Context level.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: R: Apache / Tomcat Load Balanced mode
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: André Warnier [mailto:aw@ice-sa.com]
> Subject: Re: R: Apache / Tomcat Load Balanced mode
>
> Do you mean that the <Valve> can be inserted at the context.xml level,
> rather than inside the <Host> ?
Yes. I had made the opposite assumption to Mark T, in that I thought admin was part of the ROOT context.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: R: Apache / Tomcat Load Balanced mode
Posted by André Warnier <aw...@ice-sa.com>.
Mark Thomas wrote:
> André Warnier wrote:
>> Mark Thomas wrote:
>>> Caldarale, Charles R wrote:
>>>>> From: Karthik Nanjangude [mailto:karthik.nanjangude@xius-bcgi.com]
>>>>> Subject: RE: R: Apache / Tomcat Load Balanced mode
>>>>>
>>>>> But the intension for doing the same is NOT to expose the "/admin/*"
>>>>> to INTERNET and reply with ERROR 404 for the same,
>>>>>
>>>>> But in case of INTRANET usage access for "/admin/*" should be provided
>>>> Write a filter that rejects requests for /admin or /admin/* when the
>>>> request arrives from a non-intranet address.
>>> http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html
>>> Remote Address Filter or Remote Host Filter
>>>
>> Wait, does that not block *all* accesses to that host ?
>
> I'd assumed that admin was a separate context and therefore could have a
> valve applied. If not, just do it in httpd.
>
Do you mean that the <Valve> can be inserted at the context.xml level,
rather than inside the <Host> ?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: R: Apache / Tomcat Load Balanced mode
Posted by Mark Thomas <ma...@apache.org>.
André Warnier wrote:
> Mark Thomas wrote:
>> Caldarale, Charles R wrote:
>>>> From: Karthik Nanjangude [mailto:karthik.nanjangude@xius-bcgi.com]
>>>> Subject: RE: R: Apache / Tomcat Load Balanced mode
>>>>
>>>> But the intension for doing the same is NOT to expose the "/admin/*"
>>>> to INTERNET and reply with ERROR 404 for the same,
>>>>
>>>> But in case of INTRANET usage access for "/admin/*" should be provided
>>> Write a filter that rejects requests for /admin or /admin/* when the
>>> request arrives from a non-intranet address.
>>
>> http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html
>> Remote Address Filter or Remote Host Filter
>>
> Wait, does that not block *all* accesses to that host ?
I'd assumed that admin was a separate context and therefore could have a
valve applied. If not, just do it in httpd.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: R: Apache / Tomcat Load Balanced mode
Posted by André Warnier <aw...@ice-sa.com>.
Mark Thomas wrote:
> Caldarale, Charles R wrote:
>>> From: Karthik Nanjangude [mailto:karthik.nanjangude@xius-bcgi.com]
>>> Subject: RE: R: Apache / Tomcat Load Balanced mode
>>>
>>> But the intension for doing the same is NOT to expose the "/admin/*"
>>> to INTERNET and reply with ERROR 404 for the same,
>>>
>>> But in case of INTRANET usage access for "/admin/*" should be provided
>> Write a filter that rejects requests for /admin or /admin/* when the request arrives from a non-intranet address.
>
> http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html
> Remote Address Filter or Remote Host Filter
>
Wait, does that not block *all* accesses to that host ?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: R: Apache / Tomcat Load Balanced mode
Posted by Mark Thomas <ma...@apache.org>.
Caldarale, Charles R wrote:
>> From: Karthik Nanjangude [mailto:karthik.nanjangude@xius-bcgi.com]
>> Subject: RE: R: Apache / Tomcat Load Balanced mode
>>
>> But the intension for doing the same is NOT to expose the "/admin/*"
>> to INTERNET and reply with ERROR 404 for the same,
>>
>> But in case of INTRANET usage access for "/admin/*" should be provided
>
> Write a filter that rejects requests for /admin or /admin/* when the request arrives from a non-intranet address.
http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html
Remote Address Filter or Remote Host Filter
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: R: Apache / Tomcat Load Balanced mode
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Karthik Nanjangude [mailto:karthik.nanjangude@xius-bcgi.com]
> Subject: RE: R: Apache / Tomcat Load Balanced mode
>
> But the intension for doing the same is NOT to expose the "/admin/*"
> to INTERNET and reply with ERROR 404 for the same,
>
> But in case of INTRANET usage access for "/admin/*" should be provided
Write a filter that rejects requests for /admin or /admin/* when the request arrives from a non-intranet address.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: R: Apache / Tomcat Load Balanced mode
Posted by Karthik Nanjangude <ka...@xius-bcgi.com>.
Hi
Thx for the reply
>> restrict based on roles so in /conf/tomcat-users.xml
By using the AAA Realm, UserId / Passwd would be definitely an usage ,
But the intension for doing the same is NOT to expose the "/admin/*" to INTERNET and reply with ERROR 404 for the same,
But in case of INTRANET usage access for "/admin/*" should be provided
Note:-
The admin also has a set of Log-in credentials as similar to normal
"non admin" case, So using realm would double up the process un-necessarily.
Please appreciate this process for more ideas !
With regards
Karthik
-----Original Message-----
From: Martin Gainty [mailto:mgainty@hotmail.com]
Sent: Tuesday, April 21, 2009 8:10 PM
To: Tomcat Users List
Subject: RE: R: Apache / Tomcat Load Balanced mode
you can restrict based on roles so in /conf/tomcat-users.xml you can define username fubar
to role 'newrole'
<user username="fubar" password="fubar" roles="newrole"/>
then in WebAppName/WEB/INF/web.xml
<!-- Define a Security Constraint on this Application -->
<security-constraint>
<web-resource-collection>
<web-resource-name>HTMLManger and Manager command</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- NOTE: This role is not present in the default users file -->
<role-name>newrole</role-name>
</auth-constraint>
<security-role>
<role-name>newrole</role-name>
</security-role>
</security-constraint>
any access to YourWebAppName/admin are enabled only to role='newrole'
Martin
______________________________________________
Disclaimer and Confidentiality/Verzicht und Vertraulichkeitanmerkung / Note de déni et de confidentialité
This message is confidential. If you should not be the intended receiver, then we ask politely to report. Each unauthorized forwarding or manufacturing of a copy is inadmissible. This message serves only for the exchange of information and has no legal binding effect. Due to the easy manipulation of emails we cannot take responsibility over the the contents.
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni.
> From: karthik.nanjangude@xius-bcgi.com
> To: users@tomcat.apache.org
> Date: Tue, 21 Apr 2009 18:19:42 +0530
> Subject: RE: R: Apache / Tomcat Load Balanced mode
>
> Hi
>
> Thx for the same
>
> Web application would be installed on 3 nodes of Tomcat below the single load balancer of Apache http 2.x server
>
> >> "www.acme.com" being exposed to INTERNET
> >>
> >> "www.acme.com/admin" being exposed to INTRANET
>
>
>
> We would like to block the "/admin" from the INTERNET access
> If some body uses "/admin" the response should be blocked
>
> If the same "/admin" is to be used within the INTRANET local access
> We should be able to display the credentials
>
>
> How To achieve the same ?
>
>
> With regards
> karthik
>
>
>
>
>
>
>
> -----Original Message-----
> From: Rainer Jung [mailto:rainer.jung@kippdata.de]
> Sent: Tuesday, April 21, 2009 12:51 PM
> To: Tomcat Users List
> Subject: Re: R: Apache / Tomcat Load Balanced mode
>
> On 21.04.2009 09:06, Leandro Dardini wrote:
> >
> >
> >> -----Messaggio originale----- Da: Karthik Nanjangude
> >> [mailto:karthik.nanjangude@xius-bcgi.com] Inviato: martedì 21
> >> aprile 2009 7.34 A: Tomcat Users List Oggetto: Apache / Tomcat Load
> >> Balanced mode
> >>
> >> Hi
> >>
> >> Would the same work with Apache / Tomcat Load Balanced mode
> >>
> >> Configuration for single installation of the web application
> >> "acme"
> >>
> >>
> >> "www.acme.com" being exposed to INTERNET
> >>
> >> "www.acme.com/admin" being exposed to INTRANET
> >>
> >>
> >> Reason : The application uses a single DB to request of orders
> >> (from Subscribers) and same URL with *admin* would process the
> >> orders ( Internal Employees) and should not be exposed to outside
> >> world.
> >>
> >>
> >> Is there any Configuration with in Apache or Tomcat to achieve the
> >> same?
> >>
> >>
> >>
> >> With regards Karthik
> >>
> >>
> >
> > Maybe I don't understand your question, but to me there is no
> > difference in configuring access in Load Balanced or not Load
> > Balanced mode.
> >
> > As regarding the admin section, you can filter it using apache access
> > control.
>
> I agree, load balancing seems to be not related to the question.
>
> One first decision would be, whether you are able to deploy your
> application twice, once as the ROOT context and once as admin. Then
> everything will become obvious.
>
> If you only want to deploy it once, e.g. as admin, then you will need to
> do URL rewriting in the Apache-Layer. When using mod_proxy, you can find
> info about that at
>
> http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
>
> When using mod_jk, look at
>
> http://tomcat.apache.org/connectors-doc/generic_howto/proxy.html
>
> Regards,
>
> Rainer
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
_________________________________________________________________
Rediscover Hotmail®: Get quick friend updates right in your inbox.
http://windowslive.com/RediscoverHotmail?ocid=TXT_TAGLM_WL_HM_Rediscover_Updates2_042009
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: R: Apache / Tomcat Load Balanced mode
Posted by Martin Gainty <mg...@hotmail.com>.
you can restrict based on roles so in /conf/tomcat-users.xml you can define username fubar
to role 'newrole'
<user username="fubar" password="fubar" roles="newrole"/>
then in WebAppName/WEB/INF/web.xml
<!-- Define a Security Constraint on this Application -->
<security-constraint>
<web-resource-collection>
<web-resource-name>HTMLManger and Manager command</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- NOTE: This role is not present in the default users file -->
<role-name>newrole</role-name>
</auth-constraint>
<security-role>
<role-name>newrole</role-name>
</security-role>
</security-constraint>
any access to YourWebAppName/admin are enabled only to role='newrole'
Martin
______________________________________________
Disclaimer and Confidentiality/Verzicht und Vertraulichkeitanmerkung / Note de déni et de confidentialité
This message is confidential. If you should not be the intended receiver, then we ask politely to report. Each unauthorized forwarding or manufacturing of a copy is inadmissible. This message serves only for the exchange of information and has no legal binding effect. Due to the easy manipulation of emails we cannot take responsibility over the the contents.
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni.
> From: karthik.nanjangude@xius-bcgi.com
> To: users@tomcat.apache.org
> Date: Tue, 21 Apr 2009 18:19:42 +0530
> Subject: RE: R: Apache / Tomcat Load Balanced mode
>
> Hi
>
> Thx for the same
>
> Web application would be installed on 3 nodes of Tomcat below the single load balancer of Apache http 2.x server
>
> >> "www.acme.com" being exposed to INTERNET
> >>
> >> "www.acme.com/admin" being exposed to INTRANET
>
>
>
> We would like to block the "/admin" from the INTERNET access
> If some body uses "/admin" the response should be blocked
>
> If the same "/admin" is to be used within the INTRANET local access
> We should be able to display the credentials
>
>
> How To achieve the same ?
>
>
> With regards
> karthik
>
>
>
>
>
>
>
> -----Original Message-----
> From: Rainer Jung [mailto:rainer.jung@kippdata.de]
> Sent: Tuesday, April 21, 2009 12:51 PM
> To: Tomcat Users List
> Subject: Re: R: Apache / Tomcat Load Balanced mode
>
> On 21.04.2009 09:06, Leandro Dardini wrote:
> >
> >
> >> -----Messaggio originale----- Da: Karthik Nanjangude
> >> [mailto:karthik.nanjangude@xius-bcgi.com] Inviato: martedì 21
> >> aprile 2009 7.34 A: Tomcat Users List Oggetto: Apache / Tomcat Load
> >> Balanced mode
> >>
> >> Hi
> >>
> >> Would the same work with Apache / Tomcat Load Balanced mode
> >>
> >> Configuration for single installation of the web application
> >> "acme"
> >>
> >>
> >> "www.acme.com" being exposed to INTERNET
> >>
> >> "www.acme.com/admin" being exposed to INTRANET
> >>
> >>
> >> Reason : The application uses a single DB to request of orders
> >> (from Subscribers) and same URL with *admin* would process the
> >> orders ( Internal Employees) and should not be exposed to outside
> >> world.
> >>
> >>
> >> Is there any Configuration with in Apache or Tomcat to achieve the
> >> same?
> >>
> >>
> >>
> >> With regards Karthik
> >>
> >>
> >
> > Maybe I don't understand your question, but to me there is no
> > difference in configuring access in Load Balanced or not Load
> > Balanced mode.
> >
> > As regarding the admin section, you can filter it using apache access
> > control.
>
> I agree, load balancing seems to be not related to the question.
>
> One first decision would be, whether you are able to deploy your
> application twice, once as the ROOT context and once as admin. Then
> everything will become obvious.
>
> If you only want to deploy it once, e.g. as admin, then you will need to
> do URL rewriting in the Apache-Layer. When using mod_proxy, you can find
> info about that at
>
> http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
>
> When using mod_jk, look at
>
> http://tomcat.apache.org/connectors-doc/generic_howto/proxy.html
>
> Regards,
>
> Rainer
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
_________________________________________________________________
Rediscover Hotmail®: Get quick friend updates right in your inbox.
http://windowslive.com/RediscoverHotmail?ocid=TXT_TAGLM_WL_HM_Rediscover_Updates2_042009
RE: R: Apache / Tomcat Load Balanced mode
Posted by Karthik Nanjangude <ka...@xius-bcgi.com>.
Hi
Thx for the same
Web application would be installed on 3 nodes of Tomcat below the single load balancer of Apache http 2.x server
>> "www.acme.com" being exposed to INTERNET
>>
>> "www.acme.com/admin" being exposed to INTRANET
We would like to block the "/admin" from the INTERNET access
If some body uses "/admin" the response should be blocked
If the same "/admin" is to be used within the INTRANET local access
We should be able to display the credentials
How To achieve the same ?
With regards
karthik
-----Original Message-----
From: Rainer Jung [mailto:rainer.jung@kippdata.de]
Sent: Tuesday, April 21, 2009 12:51 PM
To: Tomcat Users List
Subject: Re: R: Apache / Tomcat Load Balanced mode
On 21.04.2009 09:06, Leandro Dardini wrote:
>
>
>> -----Messaggio originale----- Da: Karthik Nanjangude
>> [mailto:karthik.nanjangude@xius-bcgi.com] Inviato: martedì 21
>> aprile 2009 7.34 A: Tomcat Users List Oggetto: Apache / Tomcat Load
>> Balanced mode
>>
>> Hi
>>
>> Would the same work with Apache / Tomcat Load Balanced mode
>>
>> Configuration for single installation of the web application
>> "acme"
>>
>>
>> "www.acme.com" being exposed to INTERNET
>>
>> "www.acme.com/admin" being exposed to INTRANET
>>
>>
>> Reason : The application uses a single DB to request of orders
>> (from Subscribers) and same URL with *admin* would process the
>> orders ( Internal Employees) and should not be exposed to outside
>> world.
>>
>>
>> Is there any Configuration with in Apache or Tomcat to achieve the
>> same?
>>
>>
>>
>> With regards Karthik
>>
>>
>
> Maybe I don't understand your question, but to me there is no
> difference in configuring access in Load Balanced or not Load
> Balanced mode.
>
> As regarding the admin section, you can filter it using apache access
> control.
I agree, load balancing seems to be not related to the question.
One first decision would be, whether you are able to deploy your
application twice, once as the ROOT context and once as admin. Then
everything will become obvious.
If you only want to deploy it once, e.g. as admin, then you will need to
do URL rewriting in the Apache-Layer. When using mod_proxy, you can find
info about that at
http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
When using mod_jk, look at
http://tomcat.apache.org/connectors-doc/generic_howto/proxy.html
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: R: Apache / Tomcat Load Balanced mode
Posted by Rainer Jung <ra...@kippdata.de>.
On 21.04.2009 09:06, Leandro Dardini wrote:
>
>
>> -----Messaggio originale----- Da: Karthik Nanjangude
>> [mailto:karthik.nanjangude@xius-bcgi.com] Inviato: martedì 21
>> aprile 2009 7.34 A: Tomcat Users List Oggetto: Apache / Tomcat Load
>> Balanced mode
>>
>> Hi
>>
>> Would the same work with Apache / Tomcat Load Balanced mode
>>
>> Configuration for single installation of the web application
>> "acme"
>>
>>
>> "www.acme.com" being exposed to INTERNET
>>
>> "www.acme.com/admin" being exposed to INTRANET
>>
>>
>> Reason : The application uses a single DB to request of orders
>> (from Subscribers) and same URL with *admin* would process the
>> orders ( Internal Employees) and should not be exposed to outside
>> world.
>>
>>
>> Is there any Configuration with in Apache or Tomcat to achieve the
>> same?
>>
>>
>>
>> With regards Karthik
>>
>>
>
> Maybe I don't understand your question, but to me there is no
> difference in configuring access in Load Balanced or not Load
> Balanced mode.
>
> As regarding the admin section, you can filter it using apache access
> control.
I agree, load balancing seems to be not related to the question.
One first decision would be, whether you are able to deploy your
application twice, once as the ROOT context and once as admin. Then
everything will become obvious.
If you only want to deploy it once, e.g. as admin, then you will need to
do URL rewriting in the Apache-Layer. When using mod_proxy, you can find
info about that at
http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
When using mod_jk, look at
http://tomcat.apache.org/connectors-doc/generic_howto/proxy.html
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
R: Apache / Tomcat Load Balanced mode
Posted by Leandro Dardini <l....@comune.prato.it>.
> -----Messaggio originale-----
> Da: Karthik Nanjangude [mailto:karthik.nanjangude@xius-bcgi.com]
> Inviato: martedì 21 aprile 2009 7.34
> A: Tomcat Users List
> Oggetto: Apache / Tomcat Load Balanced mode
>
> Hi
>
> Would the same work with Apache / Tomcat Load Balanced mode
>
> Configuration for single installation of the web application "acme"
>
>
> "www.acme.com" being exposed to INTERNET
>
> "www.acme.com/admin" being exposed to INTRANET
>
>
> Reason : The application uses a single DB to request of
> orders (from Subscribers) and same URL with
> *admin* would process the orders ( Internal Employees)
> and should not be exposed to outside world.
>
>
> Is there any Configuration with in Apache or Tomcat to
> achieve the same?
>
>
>
> With regards
> Karthik
>
>
Maybe I don't understand your question, but to me there is no difference in configuring access in Load Balanced or not Load Balanced mode.
As regarding the admin section, you can filter it using apache access control.
Leandro
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org