* Edward Quick wrote (28/04/06 10:53):
>
>> > Hi,
>> >
>> > I have an Apache mod_jk Tomcat server set up on the same host, and
want
>>to
>> > restrict access to the Tomcat so that only the Apache on the
localhost
>>can
>> > connect to port 8009.
>> >
>> > I tried using org.apache.catalina.valves.RemoteAddrValve, with
>> > allow="127.0.0.1", but the issue is that Tomcat picks up the IP
address
>>of
>> > the client, and not the Apache which is passing traffic onto it.
>> >
>> > Is there a way round this?
>>
>>
>><Connector port="8009" protocol="AJP/1.3"
>> address="127.0.0.1">
>>
>>Won't that do it?
>>
>>Chris
>>
>
> I don't think so because that's saying, bind the ajp listener to the
> localhost. It's not saying restrict access to the ajp listener to
localhost.
If it's bound to the loopback interface only, then only local
applications will be able to connect to it. Nothing else can access
127.0.0.1.
Try it, and then try using
telnet i.p.add.ress 8009 from a different machine
You should get connection refused. I'm fairly confident that this solves
your problem.
Chris
Thanks, I know what you mean but my problem is the Apache is not on the same
box as the Tomcat.
Ed.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
