Hi Chris and Mark, Thank you both for your input.
I arrived at an sru.xml file in conf\Catalina\localhost, containing: <?xml version="1.0" encoding="UTF-8"?> <Context> <Valve className="org.apache.catalina.valves.RemoteAddrValve" addConnectorPort="true" allow="10\.\d+\.\d+\.\d+;8443|.*;8080"/> <!-- other configuration here --> </Context> This means that private IPs (just those stating with 10.) can connect on port 8443; any IP on port 8080. It’s there as a reminder that this can be done – my first test was limiting to (locahost);8443, similar to the example in the documentation, but allowed me to confirm that I can/cannot connect depending which port I use. This gave me confidence in the config. Now I’m reminded why I wanted it to be configurable – it’s behind a load balancer in production and I don’t know what the load balancer is going to deliver as I don’t have one in my development environment. I also don’t know the network route the calling service will take. Thanks, Tim -- Tim Scott OCLC · Senior Software Engineer / Technical Product Manager cc: IT file OCLC COVID-19 resources: oc.lc/covid19-service-info<https://oc.lc/covid19-service-info>
