-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Leo,
On 11/30/12 7:07 PM, Leo Donahue - RDSA IT wrote: >> -----Original Message----- From: Leo Donahue - RDSA IT >> [mailto:leodona...@mail.maricopa.gov] Sent: Friday, November 30, >> 2012 5:02 PM To: Tomcat Users List Subject: RE: Context Path for >> a subdirectory >> >> >> The way the Server 1 is configured, there are accounts that the >> rest/admin web app will take which let you do things like >> shutdown the services and other stuff, if you were able to brute >> force the rest/admin username/password. >> > > That would only do you any good if you knew the internal server > name. But I have to protect from internal threats as well, right? Now, you're thinking properly ;) Just remember that you asked to be able to restrict by IP address. Well, an internal threat might be able to come from that IP address, so you might want credentials that can be relatively quickly revoked. I suppose you could change the IP whitelist, but then maybe you'll have to figure out what the new blessed IP will be... - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlC5eTQACgkQ9CaO5/Lv0PB6PwCdHxGgWyhTjvxfq/sUuelnXI2I 2CUAn2XccinoszoRrw6H52zgZj73WyB3 =XjhS -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
