You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Sebastien Moretti <Se...@unil.ch> on 2007/08/24 15:21:33 UTC

filter IP for a webapps through mod_jk

Hi,

after some days of tries and research I was able to run properly tomcat 
(5.5.23), apache 2 and mod_jk for the same machine.

So now, my webapps are reachable with both URLs:
http://www.fake.com/webapps
or
http://www.fake.com:8080/webapps


As I understood mod_jk, apache/mod_jk looks in localhost (tomcat and 
apache are on the same machine for me) to reach tomcat.

Thus, I would like to deny access for webapps through port 8080, but not 
for all tomcat !
With it, only http://www.fake.com/webapps could be available.


I tried to add a context rule for webapps but webapps is no more reachable.
     <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127.0.0.1"/>


How can I do ?
Thanks

-- 
Sébastien Moretti


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: Re: filter IP for a webapps through mod_jk

Posted by Sebastien Moretti <Se...@unil.ch>.

Tim Funk a écrit :
> Then you need to extend org.apache.catalina.valves.RemoteAddrValve to check the 
> port (and other customizations as needed)
> 
> 
> 
> -Tim

I will try this.
Thanks

> Sebastien Moretti wrote:
>> ian.blenk@dsl.pipex.com a écrit :
>>
>> I would like to deny access for my webapps through port 8080 and to 
>> allow access for other webapps via 8080 port.
>> But I will allow access for webapps I need via apache only.
>>
>> Thanks
>>
>>>> Hi,
>>>>
>>>> after some days of tries and research I was able to run properly 
>>>> tomcat (5.5.23), apache 2 and mod_jk for the same machine.
>>>>
>>>> So now, my webapps are reachable with both URLs:
>>>> http://www.fake.com/webapps
>>>> or
>>>> http://www.fake.com:8080/webapps
>>>>
>>>>
>>>> As I understood mod_jk, apache/mod_jk looks in localhost (tomcat and 
>>>> apache are on the same machine for me) to reach tomcat.
>>>>
>>>> Thus, I would like to deny access for webapps through port 8080, but 
>>>> not for all tomcat !
>>>> With it, only http://www.fake.com/webapps could be available.
>>>>
>>>>
>>>> I tried to add a context rule for webapps but webapps is no more 
>>>> reachable.
>>>>      <Valve className="org.apache.catalina.valves.RemoteAddrValve"
>>>>          allow="127.0.0.1"/>

-- 
Sébastien Moretti


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: filter IP for a webapps through mod_jk

Posted by Tim Funk <fu...@joedog.org>.

Then you need to extend org.apache.catalina.valves.RemoteAddrValve to 
check the port (and other customizations as needed)



-Tim

Sebastien Moretti wrote:
> ian.blenk@dsl.pipex.com a écrit :
> 
> I would like to deny access for my webapps through port 8080 and to 
> allow access for other webapps via 8080 port.
> But I will allow access for webapps I need via apache only.
> 
> Thanks
> 
>>> Hi,
>>>
>>> after some days of tries and research I was able to run properly 
>>> tomcat (5.5.23), apache 2 and mod_jk for the same machine.
>>>
>>> So now, my webapps are reachable with both URLs:
>>> http://www.fake.com/webapps
>>> or
>>> http://www.fake.com:8080/webapps
>>>
>>>
>>> As I understood mod_jk, apache/mod_jk looks in localhost (tomcat and 
>>> apache are on the same machine for me) to reach tomcat.
>>>
>>> Thus, I would like to deny access for webapps through port 8080, but 
>>> not for all tomcat !
>>> With it, only http://www.fake.com/webapps could be available.
>>>
>>>
>>> I tried to add a context rule for webapps but webapps is no more 
>>> reachable.
>>>      <Valve className="org.apache.catalina.valves.RemoteAddrValve"
>>>          allow="127.0.0.1"/>
>>>

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: Re: filter IP for a webapps through mod_jk

Posted by Sebastien Moretti <Se...@unil.ch>.

ian.blenk@dsl.pipex.com a écrit :
> Hi,
> 
> Try removing <Connector port="8080" ...> element from your tomcat server.xml
> 

I tried several things but it seems to be the simple one.

I would like to deny access for my webapps through port 8080 and to 
allow access for other webapps via 8080 port.
But I will allow access for webapps I need via apache only.

Thanks

>> Hi,
>>
>> after some days of tries and research I was able to run properly tomcat 
>> (5.5.23), apache 2 and mod_jk for the same machine.
>>
>> So now, my webapps are reachable with both URLs:
>> http://www.fake.com/webapps
>> or
>> http://www.fake.com:8080/webapps
>>
>>
>> As I understood mod_jk, apache/mod_jk looks in localhost (tomcat and 
>> apache are on the same machine for me) to reach tomcat.
>>
>> Thus, I would like to deny access for webapps through port 8080, but not 
>> for all tomcat !
>> With it, only http://www.fake.com/webapps could be available.
>>
>>
>> I tried to add a context rule for webapps but webapps is no more reachable.
>>      <Valve className="org.apache.catalina.valves.RemoteAddrValve"
>>          allow="127.0.0.1"/>
>>
>>
>> How can I do ?
>> Thanks

-- 
Sébastien Moretti


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: filter IP for a webapps through mod_jk

Posted by ia...@dsl.pipex.com.

Hi,

Try removing <Connector port="8080" ...> element from your tomcat server.xml



Quoting Sebastien Moretti <Se...@unil.ch>:

> Hi,
> 
> after some days of tries and research I was able to run properly tomcat 
> (5.5.23), apache 2 and mod_jk for the same machine.
> 
> So now, my webapps are reachable with both URLs:
> http://www.fake.com/webapps
> or
> http://www.fake.com:8080/webapps
> 
> 
> As I understood mod_jk, apache/mod_jk looks in localhost (tomcat and 
> apache are on the same machine for me) to reach tomcat.
> 
> Thus, I would like to deny access for webapps through port 8080, but not 
> for all tomcat !
> With it, only http://www.fake.com/webapps could be available.
> 
> 
> I tried to add a context rule for webapps but webapps is no more reachable.
>      <Valve className="org.apache.catalina.valves.RemoteAddrValve"
>          allow="127.0.0.1"/>
> 
> 
> How can I do ?
> Thanks
> 
> -- 
> Sébastien Moretti
> 
> 
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 


-- 

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org