I am writing a filter to restrict access to the parts of the web application based on domain name.
In my doFilter method I added this code:
HttpServletRequest req = (HttpServletRequest) request;
String id = req.getSession().getId();
String ipaddress = req.getRemoteAddr();
unfortunately remoteHost contains IP address when the application is accessed via IIS-Tomcat integration. If it is accessed using http://localhost:8080
(without IIS) I get domain name in remoteHost. I have enabled lookups=true in both AJP 1.3 connector also
<!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
enableLookups="true" redirectPort="8443" debug="0"
Still I get ip address via req.getRemoteHost(). So I thought of using java.net package to do it:
String hostname = InetAddress.getAllByName( "184.108.40.206" ) .getHostName();
From java doc:
The InetAddress class has a cache to store successful as well as unsuccessful host name resolutions. The positive caching is there to guard against DNS spoofing attacks; while the negative caching is used to improve performance.
By default, the result of positive host name resolutions are cached forever, because there is no general rule to decide when it is safe to remove cache entries. The result of unsuccessful host name resolution is cached for a very short period of time (10 seconds) to improve performance.
"host name resolutions are cached forever"--> cached forever
To rectify this I would like to set a default time period for caching using jvm parameter "networkaddress.cache.ttl (default: -1) "
but how do I set this parameter for Tomcat 5 started as service in windows 2000. One option is to set the JAVA_OPTS environment variable... which our system admin do not want to use. Is there an alternative way to set the parameter.
Also, is there an easy way to access jvm parameters in Filter or servlet?
Thank you in advance for your help!!!