Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-21 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, On 12/19/2009 4:22 PM, Mark Thomas wrote: > On 19/12/2009 10:45, André Warnier wrote: >> If this is too vast as a question, just let me know and point me where >> to get started maybe ? > > Not at all, although this is heading off topic. I'd st

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-21 Thread André Warnier
Bill Barker wrote: ... Which gives a third option to the OP, which is to use the useIPVHosts="true" option on the , and only configure s for the ones that he wants to allow to connect (and the default Host just returns 404 to every request). Yes, that possibility was kind of nagging at me s

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-20 Thread Bill Barker
er (i.e. the ServerName) Which gives a third option to the OP, which is to use the useIPVHosts="true" option on the , and only configure s for the ones that he wants to allow to connect (and the default Host just returns 404 to every request). > The HTTP connectors will report

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-20 Thread Rainer Jung
On 20.12.2009 21:00, André Warnier wrote: Mark Thomas wrote: ... This is one of those times where the solution will depend on the protocol you are using. The AJP connectors will report the client's IP address so you need an alternative solution. Using the "request.secret" attribute is probably

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-20 Thread André Warnier
Mark Thomas wrote: ... This is one of those times where the solution will depend on the protocol you are using. The AJP connectors will report the client's IP address so you need an alternative solution. Using the "request.secret" attribute is probably the simplest fix although keep in mind tha

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-20 Thread Mark Thomas
ctors will report the proxy's IP address so the RemoteAddressValve can be used. Note in Tomcat 7: - where the RemoteIpValve is available you would need to make sure that the RemoteAddressValve was earlier in the pipeline than the RemoteIpValve - you have the option of using

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-20 Thread André Warnier
inst which RemoteAddressValve operates ? public void invoke(Request request, Response response) throws IOException, ServletException { process(request.getRequest().getRemoteAddr(), request, response); } It is the request.getRequest().getRemoteAddr() call. Right. So, to summarise the original con

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-19 Thread Bill Barker
t back to the main issue, as long as I anyway get the hang of this > stuff, and have checked out the SVN of Tomcat anyway, > where in the /valves stuff do I find where it actually checks the "remote > IP" against which RemoteAddressValve operates ? > > And, supposing I were to

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-19 Thread Mark Thomas
; > To get back to the main issue, as long as I anyway get the hang of this > stuff, and have checked out the SVN of Tomcat anyway, > where in the /valves stuff do I find where it actually checks the > "remote IP" against which RemoteAddressValve operates ? public void invoke

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-19 Thread André Warnier
ks the "remote IP" against which RemoteAddressValve operates ? And, supposing I were to tweak one or the other module, how do I create a local version of Tomcat to test my changes on ? This is exciting stuff... ;-) If this is too vast as a question, just let me kn

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-18 Thread Bill Barker
"André Warnier" wrote in message news:4b2bdc92.9050...@ice-sa.com... > Christopher Schultz wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> Mark, >> >> On 12/18/2009 11:42 AM, Mark Thomas wrote: >>> On 18/12/2009 16:21, André Warnier wrote: or do I need some special edi

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-18 Thread André Warnier
Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, On 12/18/2009 11:42 AM, Mark Thomas wrote: On 18/12/2009 16:21, André Warnier wrote: or do I need some special editor or setting, or do I just convert these codes to their UTF-8 equivalents and submit it as such ?

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-18 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark, On 12/18/2009 11:42 AM, Mark Thomas wrote: > On 18/12/2009 16:21, André Warnier wrote: >> or do I need some >> special editor or setting, or do I just convert these codes to their >> UTF-8 equivalents and submit it as such ? > > You can use: >

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-18 Thread Mark Thomas
On 18/12/2009 16:21, André Warnier wrote: > Mark Thomas wrote: >> On 18/12/2009 15:20, André Warnier wrote: >>> By the way, in the file LocalStrings_fr.properties that is in that same >>> directory, there are quite a few typos. That's more my level, me being >>> a native French speaker and all. >>

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-18 Thread André Warnier
Mark Thomas wrote: On 18/12/2009 15:20, André Warnier wrote: By the way, in the file LocalStrings_fr.properties that is in that same directory, there are quite a few typos. That's more my level, me being a native French speaker and all. How do I submit a corrected version, with a minimum of fus

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-18 Thread Mark Thomas
On 18/12/2009 15:20, André Warnier wrote: > By the way, in the file LocalStrings_fr.properties that is in that same > directory, there are quite a few typos. That's more my level, me being > a native French speaker and all. > How do I submit a corrected version, with a minimum of fuss ? Get the l

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-18 Thread André Warnier
Caldarale, Charles R wrote: From: André Warnier [mailto:a...@ice-sa.com] Subject: Re: Using RemoteAddressValve with an Apache mod_proxy_balancer If anyone points me to where the code of the RemoteAddrValve can be found, I'd like to have a look. Download the source package, and lo

RE: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-17 Thread Caldarale, Charles R
> From: André Warnier [mailto:a...@ice-sa.com] > Subject: Re: Using RemoteAddressValve with an Apache mod_proxy_balancer > > If anyone points me to where the code of the RemoteAddrValve can be > found, I'd like to have a look. Download the source package, and look in: apac

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-17 Thread André Warnier
Rainer Jung wrote: On 17.12.2009 10:02, André Warnier wrote: Martin B. Smith wrote: On 12/16/2009 11:01 PM, Bill Barker wrote: "André Warnier" wrote in message news:4b294eb6.4090...@ice-sa.com... Martin B. Smith wrote: Howdy! I'm trying to ensure that only specific instances of Apache are

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-17 Thread Rainer Jung
On 17.12.2009 10:02, André Warnier wrote: Martin B. Smith wrote: On 12/16/2009 11:01 PM, Bill Barker wrote: "André Warnier" wrote in message news:4b294eb6.4090...@ice-sa.com... Martin B. Smith wrote: Howdy! I'm trying to ensure that only specific instances of Apache are allowed to proxy req

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-17 Thread André Warnier
Martin B. Smith wrote: On 12/16/2009 11:01 PM, Bill Barker wrote: "André Warnier" wrote in message news:4b294eb6.4090...@ice-sa.com... Martin B. Smith wrote: Howdy! I'm trying to ensure that only specific instances of Apache are allowed to proxy requests into my Tomcat 5.5.28 instances. .

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-16 Thread Martin B. Smith
On 12/16/2009 11:01 PM, Bill Barker wrote: > "André Warnier" wrote in message > news:4b294eb6.4090...@ice-sa.com... >> Martin B. Smith wrote: >>> Howdy! >>> >>> I'm trying to ensure that only specific instances of Apache are allowed >>> to proxy requests into my Tomcat 5.5.28 instances. Unfortun

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-16 Thread Bill Barker
"André Warnier" wrote in message news:4b294eb6.4090...@ice-sa.com... > Martin B. Smith wrote: >> Howdy! >> >> I'm trying to ensure that only specific instances of Apache are allowed >> to proxy requests into my Tomcat 5.5.28 instances. Unfortunately, it >> looks like Tomcat is seeing the actua

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-16 Thread André Warnier
Martin B. Smith wrote: Howdy! I'm trying to ensure that only specific instances of Apache are allowed to proxy requests into my Tomcat 5.5.28 instances. Unfortunately, it looks like Tomcat is seeing the actual client IP making the original request to Apache. Does anyone have a configuration t

Re: Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-16 Thread André Warnier
ation that only allows specific Apache (mod_)proxies to be serviced by Tomcat? I will be using other ways to protect Tomcat, but I'd like something inside Tomcat filtering these AJP requests too, and RemoteAddressValve sounds like it should work :) Yees, but as you noticed, it does

Using RemoteAddressValve with an Apache mod_proxy_balancer

2009-12-16 Thread Martin B. Smith
llows specific Apache (mod_)proxies to be serviced by Tomcat? I will be using other ways to protect Tomcat, but I'd like something inside Tomcat filtering these AJP requests too, and RemoteAddressValve sounds like it should work :) Here's what I'm using now -- Apache: ProxyP

Re: RemoteAddressValve

2009-07-11 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Leo, On 7/8/2009 10:01 AM, Leo Donahue - PLANDEVX wrote: > If I put the following nested in the element of my server.xml, > is that the right way to do it? > > privileged="true" > > allow="176.24.*.*"/> > > /> Note that it is inappropriate to put

Re: RemoteAddressValve

2009-07-08 Thread Mark Thomas
Leo Donahue - PLANDEVX wrote: > Andre, Tim, > > Thanks for the feedback on the regex. > > I don't think I can nest a inside a You can if you use valid xml. > privileged="true" > allow="176\.24\..*" /> > /> You want: Mark

Re: RemoteAddressValve

2009-07-08 Thread Pid
On 8/7/09 15:01, Leo Donahue - PLANDEVX wrote: I want to restrict web access to a specific web app to only allow it to be available on our domain. If I put the following nested in the element of my server.xml, is that the right way to do it? /> You didn't specify which version of Tomcat

RE: RemoteAddressValve

2009-07-08 Thread Leo Donahue - PLANDEVX
ice-sa.com] Sent: Wednesday, July 08, 2009 7:14 AM To: Tomcat Users List Subject: Re: RemoteAddressValve Leo Donahue - PLANDEVX wrote: ... > >allow="176.24.*.*"/> > I don't know about the context in which you can use this, but about the above, your "allow" att

Re: RemoteAddressValve

2009-07-08 Thread André Warnier
Leo Donahue - PLANDEVX wrote: ... I don't know about the context in which you can use this, but about the above, your "allow" attribute is incorrect. It should be : "A comma-separated list of /regular expression patterns/ that the remote client's IP address is compared to." If I unders

Re: RemoteAddressValve

2009-07-08 Thread Tim Funk
allow is a regex - you probably want this: allow="176\.24\..+" with allow="176.24.*.*" - you would also let through 176.240. 176.241. ... 176.249. -Tim Leo Donahue - PLANDEVX wrote: I want to restrict web access to a specific web app to only allow it to be available on our domain. If I put

RemoteAddressValve

2009-07-08 Thread Leo Donahue - PLANDEVX
I want to restrict web access to a specific web app to only allow it to be available on our domain. If I put the following nested in the element of my server.xml, is that the right way to do it? /> Leo Donahue