You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Zohar <da...@hotmail.com> on 2006/04/06 16:10:50 UTC
access control
Hello list,
I have a few servlets which are deployed to different contexts (each servlet to its own context).
One of these servlets acts as an interface to clients, and it forwards the requests from clients to the appropriate servlets.
I don't want any of the non-interface servlets to be accessible to clients (but they must still be accessible to the interface servlet).
How do I do that?
Thanks,
Zohar.
Re: access control
Posted by Zohar <da...@hotmail.com>.
Can I grant access to some jsp pages and deny access to others (in the same
context)?
----- Original Message -----
From: "Markus Schönhaber" <ma...@schoenhaber.de>
To: "Tomcat Users List" <us...@tomcat.apache.org>
Sent: Thursday, April 06, 2006 17:23
Subject: Re: access control
> Zohar wrote:
>> I have a few servlets which are deployed to different contexts (each
>> servlet to its own context). One of these servlets acts as an interface
>> to
>> clients, and it forwards the requests from clients to the appropriate
>> servlets. I don't want any of the non-interface servlets to be accessible
>> to clients (but they must still be accessible to the interface servlet).
>> How do I do that?
>
> You could, for example, use a Remote Address Filter or a Remote Host
> Filter
> for the contexts you don't want to be accessible:
> http://tomcat.apache.org/tomcat-5.5-doc/config/valve.html#Remote%20Address%20Filter
>
> But would you mind to elaborate a little why you put servlets into
> contexts
> you don't want to be accessible or why it is neccessary for those
> "non-interface servlets" to be servlets at all?
>
> Regards
> mks
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Wiadomosc zostala zmieniona przez niepowolane osoby
Posted by Mikolaj <jo...@o2.pl>.
--
Ten list zosta³ przeskanowany przez program ArcaMail
Silnik (2006-01-25/2006-04-05)
This message has been scanned by ArcaMail
Engine (2006-01-25/2006-04-05)
http://www.mks.com.pl
Re: access control
Posted by Markus Schönhaber <ma...@schoenhaber.de>.
Zohar wrote:
> They used to be all "interface" servlets, but then I unified all external
> interface access into one simple servlet that forwards the request to the
> appropriate service. This way it should be easier to control the access to
> that context (e.g., protect it with a password, deny access to "internal"
> services, etc.). The "internal" contexts also provide service to other
> internal servers.
Ah, I see.
Regards
mks
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: access control
Posted by Zohar <da...@hotmail.com>.
They used to be all "interface" servlets, but then I unified all external
interface access into one simple servlet that forwards the request to the
appropriate service. This way it should be easier to control the access to
that context (e.g., protect it with a password, deny access to "internal"
services, etc.). The "internal" contexts also provide service to other
internal servers.
----- Original Message -----
From: "Markus Schönhaber" <ma...@schoenhaber.de>
To: "Tomcat Users List" <us...@tomcat.apache.org>
Sent: Thursday, April 06, 2006 17:23
Subject: Re: access control
> Zohar wrote:
>> I have a few servlets which are deployed to different contexts (each
>> servlet to its own context). One of these servlets acts as an interface
>> to
>> clients, and it forwards the requests from clients to the appropriate
>> servlets. I don't want any of the non-interface servlets to be accessible
>> to clients (but they must still be accessible to the interface servlet).
>> How do I do that?
>
> You could, for example, use a Remote Address Filter or a Remote Host
> Filter
> for the contexts you don't want to be accessible:
> http://tomcat.apache.org/tomcat-5.5-doc/config/valve.html#Remote%20Address%20Filter
>
> But would you mind to elaborate a little why you put servlets into
> contexts
> you don't want to be accessible or why it is neccessary for those
> "non-interface servlets" to be servlets at all?
>
> Regards
> mks
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: access control
Posted by Markus Schönhaber <ma...@schoenhaber.de>.
Zohar wrote:
> I have a few servlets which are deployed to different contexts (each
> servlet to its own context). One of these servlets acts as an interface to
> clients, and it forwards the requests from clients to the appropriate
> servlets. I don't want any of the non-interface servlets to be accessible
> to clients (but they must still be accessible to the interface servlet).
> How do I do that?
You could, for example, use a Remote Address Filter or a Remote Host Filter
for the contexts you don't want to be accessible:
http://tomcat.apache.org/tomcat-5.5-doc/config/valve.html#Remote%20Address%20Filter
But would you mind to elaborate a little why you put servlets into contexts
you don't want to be accessible or why it is neccessary for those
"non-interface servlets" to be servlets at all?
Regards
mks
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org