Re: Custom valve, how to change role?

2009-06-19 Thread Bruce Edge
On Thu, Jun 18, 2009 at 3:28 PM, Caldarale, Charles R < chuck.caldar...@unisys.com> wrote: > > From: Bruce Edge [mailto:bruce.e...@gmail.com] > > Subject: Custom valve, how to change role? > > > > ...or am I completely off in left field and should scrap > > th

Custom valve, how to change role?

2009-06-18 Thread Bruce Edge
In an attempt, possibly misguided, to try avoid using securityfilter, I'm trying to write a valve to bypass the ssl authentication requirements of a service based on remote host addr. I've implemented a LocalValve that extends ValveBase and implements Valve. Given that I must implement this:

Re: Mix http and https on one tomcat server?

2009-06-18 Thread Bruce Edge
Bruce On Thu, Jun 18, 2009 at 2:33 PM, André Warnier wrote: > Bruce Edge wrote: > >> >>> André, >> thanks for your help. >> > > Well actually, forget all I said, it turns out that it was mostly nonsense. > The problem is, that if you use the cont

Re: Mix http and https on one tomcat server?

2009-06-18 Thread Bruce Edge
On Thu, Jun 18, 2009 at 2:10 PM, André Warnier wrote: > André Warnier wrote: > > Ooops. I forgot to add this : in the /thewebapp-internal, you should also > have a filter, this time which /blocks/ the request if it does /not/ come > from 127.0.0.1. Otherwise people not from 127.0.0.1 would be ab

Re: Mix http and https on one tomcat server?

2009-06-18 Thread Bruce Edge
On Wed, Jun 17, 2009 at 9:37 AM, Caldarale, Charles R < chuck.caldar...@unisys.com> wrote: > > From: Bruce Edge [mailto:bruce.e...@gmail.com] > > Subject: Re: Mix http and https on one tomcat server? > <...snip...> > > > but can it be setup to _not_ req

Re: Mix http and https on one tomcat server?

2009-06-17 Thread Bruce Edge
On Wed, Jun 17, 2009 at 8:39 AM, Caldarale, Charles R < chuck.caldar...@unisys.com> wrote: > > From: Bruce Edge [mailto:bruce.e...@gmail.com] > > Subject: Mix http and https on one tomcat server? > > > > Is it possible to deploy both http and https on the same >

Mix http and https on one tomcat server?

2009-06-17 Thread Bruce Edge
Is it possible to deploy both http and https on the same tomcat instance? I'd like to expose https to the external IP addr and http to 127.0.0.1. How is this configured in the xerver.xml file? I'm using apache cxf if that matters. Thanks -Bruce P.S. Apologies if this is a resend, I have just j

Address based security profile?

2009-06-16 Thread Bruce Edge
Hi, I have tomcat working with ssl, but I'd like to allow localhost clients to use no authentication. Is it possible to deploy the same service with authentication to external addresses and no auth to 127.0.0.1? If this is in the docs, could someone send me a link to this section? Thanks -Bruce