On 10/20/25 12:45 PM, Sebastian Trost wrote:
What is the reason behind all this?
We manage Tomcat servers for several customers, installations of our CRM
application for IBM Midrange systems. This application was originally
built as a Java-client application; we later added the option of a
Tomcat-based webapp as an alternate client.
On these installations, the Tomcat server is set up so that only our
office IP address can access the manager application. They also open
port 992 (secured TN5250) to our office IP address.
Unfortunately, one unusually paranoid customer (who'd already had us set
up Manager so that it won't even admit to its own existence, if the
traffic comes from a prohibited IP address) set up a bizarre firewall
configuration, such that (at least so far as I can tell), the Tomcat
server sees *all* outside traffic as coming from the *firewall* address,
rather than the originating address.
And because of extremely heavy user loads, nearly 24/7, their Tomcat
server has regularly scheduled restarts.
Thus, a way to start and stop *our* webapp contexts without manager has
*nothing* to do with what we're after; rather, keeping *manager* either
stopped, blocked, lobotomized, or physically absent when we're not
either using it to install updates, or using it to gather
troubleshooting data, is the object.
--
JHHL
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
