Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to allow/restrict access to tomcat server for certain computer names?

Tags:

tomcat

I opened a server on my computer . All my friends who are on the same network are able to access it from their computers . But I want to let only one of my friends access . So i tried to write the following in my context.xml

<Context>
    <Valve className="org.apache.catalina.valves.RemoteAddrValve"
        allow="myFriendsComputerName"
    />
</Context>

He got error 403 denied access .


Then I tried

<Context>
    <Valve className="org.apache.catalina.valves.RemoteAddrValve"
        allow="127\.0\.0\.1"
    />
</Context>

This restricted my own computer from accessing .

What is the issue with my context.xml

like image 667
CHEBURASHKA Avatar asked Mar 04 '14 02:03

CHEBURASHKA


Video Answer


1 Answers

RemoteAddrValve always uses IP addresses. If you want to restrict by hostname, you want to use RemoteHostValve. Note that you are using regular expressions, so you can match part of a client's hostname if you want (but it will be somewhat less secure).

Also note that if DNS resolution has been disabled on your server, you'll still be comparing against the remote client's IP address, so you probably want an IP-fallback by allowing either hostnames or IP addresses.

like image 78
Christopher Schultz Avatar answered Oct 08 '22 05:10

Christopher Schultz