Re: org.apache.catalina.valves.RemoteHostValve issue

Fri, 16 Jun 2006 12:18:49 -0700 

On the tomcat-user list
(http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg158910.html): 





  Re: org.apache.catalina.valves.RemoteHostValve issue

Mark Thomas
Tue, 20 Sep 2005 14:09:45 -0700

Tony Tomcat wrote:

 
>   ok. got off my lazy butt and looked at the code. RemoteHostValve

>   uses request.getRequest().getRemoteHost() so just the javadoc
>   needs updating for RemoteHostValve.java. I'm sure this was just a
>   copy of RemoteAddrValve. ;-)
Looks like it. I have just committed a fix to CVS.


 
>   Now i just need to figure out how to configure my tomcat to return

>   values for getRemoteHost calls.
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/http.html
Look for enableLookups

Mark



I have been trying to do this, namely, use a RemoteHostValve to restrict
Tomcat to accept connections from only certain hosts.
My <Context> looks like this:

         <Context docBase="../../cocoon-2.1.7" path="">
              <Valve
className="org.apache.catalina.valves.RemoteHostValve"


allow="localhost,massah,massah\.sil\.org,massah\.dallas\.sil\.org,isaiah\.wycliffe\.org,it-huttar1\.sil\.org,it-huttar-d820\.sil\.org"/> 




         </Context>

I also put enableLookups="true" in my connector, as instructed by the
documentation link you gave:
  <Connector port="80" maxHttpHeaderSize="8192"
             maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
             enableLookups="true" redirectPort="8443" acceptCount="100"
             connectionTimeout="20000" disableUploadTimeout="true"
allowTrace="true"/>

But Tomcat forbids me to connect, even from localhost. (Localhost is
massah.dallas.sil.org.)

Earlier I tried the RemoteAddrValve with IP addresses, and was able to
get it to work fine. However that won't meet our needs very well, as our
various dev machines change IP addresses now and then.

Any ideas? Can I somehow trace what hostname Tomcat thinks the request
is coming from? I turned on allowTrace in the http connector, as you can
see, but I can't find a log file that traces connection attempts. I've
looked in all those in Tomcat 5.5\logs.

If it matters, I'm on a Windows 2000 Server machine, and running Cocoon
as the servlet. I'm running Tomcat 5.5.9.

Thanks for your help,

Lars





---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to