You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Jobish P <jo...@ncsi.iisc.ernet.in> on 2005/04/04 12:46:31 UTC
IP based restriction
Hi all,
I am a newbie to Tomcat. I have installed Tomcat 5.0.19 on Redhat LInux 9,
and going fine. I would like to restrict some of my directories to certain
IP's only, say a range of IP. How can I restrict access to a directory in
/tomcat/webappas/ROOT on the basis of IP ? I tried with valves, but not
sure how to restrict the restriction only to particular directories.
It will be of nice if you could provide a solution,
cheers,
-------------------------------------------------------------------------------
JOBISH P
NCSI
Indian Institute of Science
Bangalore-12
--------------------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: IP based restriction
Posted by Tim Funk <fu...@joedog.org>.
There is nothing that restricts on a directory level. You'd need to write
your own servlet filter.
-Tim
Jobish P wrote:
> Hi all,
>
> I am a newbie to Tomcat. I have installed Tomcat 5.0.19 on Redhat LInux 9,
> and going fine. I would like to restrict some of my directories to certain
> IP's only, say a range of IP. How can I restrict access to a directory in
> /tomcat/webappas/ROOT on the basis of IP ? I tried with valves, but not
> sure how to restrict the restriction only to particular directories.
>
> It will be of nice if you could provide a solution,
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: IP based restriction
Posted by haim <ha...@012.net.il>.
Try the following filer class
Add this to web.xml
<filter>
<filter-name>AccessControl</filter-name>
<filter-class>package.AccessControl</filter-class>
</filter>
<filter-mapping>
<filter-name>AccessControl</filter-name>
<url-pattern>/directoryName/*</url-pattern>
</filter-mapping>
import java.io.IOException;
import java.util.Properties;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* @author haim
*/
public class AccessControl implements Filter {
/* (non-Javadoc)
* @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
*/
public void init(FilterConfig arg0) throws ServletException {
System.out.println("Init AccessControl");
}
/**
* Filter the pages accessing back office by their IP address prefix.
* The following must be set in order to keep this filter working
* 1. Setting of the filter in the web.xml file
* 2. Defining address prefix in the main.properties file by
defining the
* key access.filter
* @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest,
javax.servlet.ServletResponse, javax.servlet.FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse
response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpReq = (HttpServletRequest) request;
HttpServletResponse httpResp = (HttpServletResponse) response;
String remoteAddress=request.getRemoteAddr();
System.out.println("Backoffice Access request from "+
remoteAddress);
//allow only ip's starting with 10.0.
if(remoteAddress.startsWith("10.0.")){
System.out.println("Access aproved");
}else{
System.out.println("Access rejected!");
httpResp.sendError(HttpServletResponse.SC_FORBIDDEN);
}
/*
* Process the rest of the filter chain, if any, and ultimately
* the requested servlet or JSP page.
*/
chain.doFilter(request, response);
}
}
Regards
Haim
Jobish P wrote:
>Hi all,
>
>I am a newbie to Tomcat. I have installed Tomcat 5.0.19 on Redhat LInux 9,
>and going fine. I would like to restrict some of my directories to certain
>IP's only, say a range of IP. How can I restrict access to a directory in
>/tomcat/webappas/ROOT on the basis of IP ? I tried with valves, but not
>sure how to restrict the restriction only to particular directories.
>
>It will be of nice if you could provide a solution,
>
>cheers,
>-------------------------------------------------------------------------------
>JOBISH P
>NCSI
>Indian Institute of Science
>Bangalore-12
>--------------------------------------------------------------------------------
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org