It is restricted based on IP, not name. The name you give in the
browser is resolved to an IP address via host file and/or DNS before
making the request.
What you really seem to be looking for is the remote address valve which
allows/denies access based on the client's IP address. See
http://tomcat.apache.org/tomcat-5.5-doc/config/valve.html for more
information. Using it you could allow 127.0.0.1 and whatever your local
IP address is.
Another option is to simply block your tomcat ports via a firewall so
only the local system can access them.
--David
Mark Claassen wrote:
We do have something similar to your first example.
127.0.0.1 localhost
192.168.0.2 testmachine.domain.com testmachine
So we can probably move testmachine like you did. But does this mean that
accesses by "testmachine.domain.com" will not comply?
I was just hoping that the restriction would be based on some intrinsic
information and not just on the name that was used.
Providing I don't let anyone hack into my /etc/hosts file, can this be
spoofed?
Mark
-----Original Message-----
From: Andrew Miehs [mailto:[EMAIL PROTECTED]
Sent: Monday, June 12, 2006 9:17 AM
To: Tomcat Users List
Subject: Re: Restricting access to localhost for an HTTP connector - Email
has different SMTP TO: and MIME TO: fields in the email addresses
@Mark,
as Peter wrote, have a look in /etc/hosts.
It probably looks like
127.0.0.1 localhost
192.168.0.2 testmachine.domain.com testmachine
You should change this to
127.0.0.1 localhost testmachine
192.168.0.2 testmachine.domain.com
Just be careful if you are using Solaris - you may end up configuring your
ethernet to 127.0.0.1 if you have not used a fully qualified domain name in
/ etc/hostname.interfacename
Regards
Andrew
On 12/06/2006, at 3:08 PM, Peter Crowther wrote:
From: Mark Claassen [mailto:[EMAIL PROTECTED] Say Tomcat is on a
machine called TestMachine.
If I put "127.0.0.1" in the address field, it accepts connections of
the form "http: //127.0.0.1/..." only It does not accept connections
from "http:
//TestMachine/...", even though
the server is this same machine.
I was hoping that it would accept all connections from the local
machine, regardless of what the connection was called.
Is there a way to do this?
Yes. Add '127.0.0.1 TestMachine' into testmachine's /etc/hosts file.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe,
e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
