Re: How to block part of application based on ip filtering

Sun, 24 Aug 2008 09:35:07 -0700
----- Original Message ----- From: "Meir Yanovich" <[EMAIL PROTECTED]> 
To: <users@tomcat.apache.org>
Sent: Sunday, August 24, 2008 1:38 PM
Subject: How to block part of application based on ip filtering



Hello all
im using tomcat as the web server , and i have reverse proxy that
redirect to the tomcat
i like to be able to restrict the users that redirected from the
reverse proxy server to be able to
enter only one section of the application .
now i was reading the configuration and i found only the possibility
to allow / deny based on ip with :
org.apache.catalina.valves.RemoteAddrValve , but how can i allow from
ip x to enter only section Y of the application .
thanks


Meir... I'm not sure TC can help you...
I think this because the whole idea of a reverse proxy is that it invisible to TC... I think. ie Apache is going to make headers and all the rest look like they from a normal browser... I think 

Have a look at this
http://www.mail-archive.com/users@tomcat.apache.org/msg46654.html
May give you some idea's... that clever guy used apache to restrict access using apaches rewrites... Maybe you could do something like make apache add a special header... and then TC would know its from the proxy. There maybe someheader i'm unaware of... but idea is if you can detect a special header, then TC can reject from the servlet or ip filter...
ie either do all the logic in Apache or... make apache identify that it handled it, then do it in TC... 

... guessing here... I try something like this
Then normal requests to TC go everywhere... Apache is a half blocked gateway... maybe ;) 
---------------------------------------------------------------------------
HARBOR : http://www.kewlstuff.co.za/index.htm
The most powerful application server on earth.
The only real POJO Application Server.
See it in Action : http://www.kewlstuff.co.za/cd_tut_swf/whatisejb1.htm
--------------------------------------------------------------------------- 

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to