Hi Lars,
my guess is that it looks at 127.0.0.1, so adding 127\.0\.0\.1 to the list would solve it
or, you can add enableLookups="true" to your <Connector> element,

although, I'm not sure why it just wouldn't look at the Host header

Filip



Lars Huttar wrote:
On the tomcat-user list
(http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg158910.html):




  Re: org.apache.catalina.valves.RemoteHostValve issue

Mark Thomas
Tue, 20 Sep 2005 14:09:45 -0700

Tony Tomcat wrote:
 
>   ok. got off my lazy butt and looked at the code. RemoteHostValve
>   uses request.getRequest().getRemoteHost() so just the javadoc
>   needs updating for RemoteHostValve.java. I'm sure this was just a
>   copy of RemoteAddrValve. ;-)
Looks like it. I have just committed a fix to CVS.

 
>   Now i just need to figure out how to configure my tomcat to return
>   values for getRemoteHost calls.
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/http.html
Look for enableLookups

Mark


I have been trying to do this, namely, use a RemoteHostValve to restrict
Tomcat to accept connections from only certain hosts.
My <Context> looks like this:

         <Context docBase="../../cocoon-2.1.7" path="">
              <Valve
className="org.apache.catalina.valves.RemoteHostValve"

allow="localhost,massah,massah\.sil\.org,massah\.dallas\.sil\.org,isaiah\.wycliffe\.org,it-huttar1\.sil\.org,it-huttar-d820\.sil\.org"/>


         </Context>

I also put enableLookups="true" in my connector, as instructed by the
documentation link you gave:
  <Connector port="80" maxHttpHeaderSize="8192"
             maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
             enableLookups="true" redirectPort="8443" acceptCount="100"
             connectionTimeout="20000" disableUploadTimeout="true"
allowTrace="true"/>

But Tomcat forbids me to connect, even from localhost. (Localhost is
massah.dallas.sil.org.)

Earlier I tried the RemoteAddrValve with IP addresses, and was able to
get it to work fine. However that won't meet our needs very well, as our
various dev machines change IP addresses now and then.

Any ideas? Can I somehow trace what hostname Tomcat thinks the request
is coming from? I turned on allowTrace in the http connector, as you can
see, but I can't find a log file that traces connection attempts. I've
looked in all those in Tomcat 5.5\logs.

If it matters, I'm on a Windows 2000 Server machine, and running Cocoon
as the servlet. I'm running Tomcat 5.5.9.

Thanks for your help,

Lars





---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




--


Filip Hanik

Reply via email to