Abhi Joshi
asked on
Restrict Access to Your Tomcat Web Application
We are still using Tomcat 6.0 and plan to move to latest version by next year. Problem with current version is to set the access deny to our web-application.
I tried adding valve with webapps/META-INF/context.x ml file as below but nothing works. Can you please provide a fix.
Do you guys have any another solution as I want to restrict outside users from accessing Manager view and it will be accessible only from localhost?
Best Regards
I tried adding valve with webapps/META-INF/context.x
<Context antiJARLocking="true" path="/">
<Valve className="org.apache.catalina.valves.RemoteIpValve" />
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="{IP_address}" />
</Context>
Or
<Context antiResourceLocking="false" privileged="true">
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.0\.0\.1,8\.8\.4\..*"/>
</Context>
Do you guys have any another solution as I want to restrict outside users from accessing Manager view and it will be accessible only from localhost?
Best Regards
ASKER
Hey,
Thanks for getting back. Actually manager.xml is present inside manager folder. It's accessable from everywhere but require manager pwd and username. I just want to limit it to localhost and remotehost should not be able to get it. I tried adding valve inside manger.xml but not sure why it's not getting read by system.
Please let me know if need more details.
Best Regards
Thanks for getting back. Actually manager.xml is present inside manager folder. It's accessable from everywhere but require manager pwd and username. I just want to limit it to localhost and remotehost should not be able to get it. I tried adding valve inside manger.xml but not sure why it's not getting read by system.
Please let me know if need more details.
Best Regards
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Per your question, Tomcat won't pick up your context unless you name it correctly. The file name, and your reference to it. We can't tell from what you've posted, but something like:
* create file conf/Catalina/localhost/ma
manager.xml should look something like this:
<Context privileged="true" antiResourceLocking="false
docBase="${catalina.home}/
<Valve className="org.apache.cata
</Context>
You change the allow= regular expression to match the ip address you want.