Hi Christopher, > Paul, > > On 4/29/15 10:18 PM, l...@bsoft.com.cn wrote: >> p.s. I asked this question, in other wording, on SackOverflow.com >> <http://sackoverflow.com/> as well. I hope I have better luck here >> ;-) >> http://stackoverflow.com/questions/29858030/where-can-i-find-the-apach > e-httpd-server-ip-from-within-a-tomcat-valve-when-ajp >> <http://stackoverflow.com/questions/29858030/where-can-i-find-the-apac > he-httpd-server-ip-from-within-a-tomcat-valve-when-ajp> > > It's more clear from this post that you just want to make sure that > the HTTP (or AJP) request is coming from localhost. > > If that's all you want, then change the <Connector> configuration so > that it's only listening on localhost, like this: > > <Connector address="127.0.0.1" > ... > /> > > This will prevent any incoming connections from the outside world. > > Does that solve your problem? > > - -chris
On stackOverflow, I indeed said I (just) wanted to check for 127.0.0.1/localhost. That was a simplification of the case, to keep the focus on getting the AJP request's source IP address. In real life, there will also be setups where the source IP will be different. Sorry for any confusion this may have caused. All in all, the SO question isn't really important anymore, since I now know that IP restriction wouldn't be the best way to accomplish the security I am looking for. Personally, I'd still like to know the answer, but that's only because I have spent multiple hours trying to find that IP address from inside the valve ;) Kind regards, Paul Klinkenberg --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
