* I put following in the $CATALINA_HOME/webapps/ROOT/META-INF/context.xml ,
but it's not working.
<Context>
<Value className="org.apache.catalina.valves.RemoteAddrValue"
allow="ip.addr." deny=""/>
</Context>
Also, this file is not being copied as
$CATALINA_HOME/conf/Catalina/localhost/ROOT.xml.
* In addition to above file , I modified
$CATALINA_HOME/conf/Catalina/localhost/manager.xml and
$CATALINA_HOME/conf/Catalina/localhost/host-manager.xml as well, but that's
not working either.
Am I missing anything?
--
jM.
On Sun, Jul 18, 2010 at 1:00 AM, Johan Martinez <jmart...@gmail.com> wrote:
>
> Thanks for the suggestions Chuck.
>
> Below is my reply inline.
>
> As you may have guessed out I am a newbie and this is turning out to be
> really interesting and educational. :)
>
> --
> jM.
>
> On Sun, Jul 18, 2010 at 12:31 AM, Caldarale, Charles R <
> chuck.caldar...@unisys.com> wrote:
>
>>
>> > From: Johan Martinez [mailto:jmart...@gmail.com]
>> > Subject: Re: IP based request filters for admin/manager
>> >
>> > I don't want to replace the default ROOT webapp, in other
>> > words, I don't want my specific webapp to be ROOT app.
>>
>> A little odd, but if that's your choice...
>>
>
>
> There are multiple webapps and all are being deployed/accessed using some
> specific names. Clients are configured with these specific URL patterns. So
> ROOT webapp is not needed.
>
>
>
>> > But I would like to restrict/hide information normally
>> > exposed by the default ROOT webapp.
>>
>> All of what Tomcat's default ROOT has, or just some of it?
>>
>> For all of it, just place a <Context> element in
>> webapps/ROOT/META-INF/context.xml, configuring the valve you already know
>> about. (Do not use path or docBase attributes here - they're not allowed.)
>> If you only want to restrict some of it, but don't want to use
>> authentication, you'll need to write a more sophisticated filter. There's
>> no need to move or rename ROOT, unless you're just trying to obscure things
>> (and security through obscurity is a fool's game).
>>
>
> Thanks for pointing out this approach.
>
>
>> > I removed 'manager' from webapps directory.
>>
>> What version of Tomcat are you using? If you're using 5.5.x (hinted at by
>> your previous message's reference to a doc page), the manager webapp is in
>> server/webapps, not the regular webapps directory. If you're using a newer
>> Tomcat (and you probably should be), manager is under the regular webapps
>> directory.
>>
>> > Now I am not able to access http://hostname/manager
>>
>> You never could - that will always get you a 404 (at least until Tomcat
>> 7.0.1 comes out).
>>
>> > but http://hostname/manager/html works.
>>
>> That's the valid URL for the manager GUI. Looks like you didn't really
>> get rid of it.
>>
>
>
> Checked $CATALINA_HOME/conf/Catalina/localhost/manager.xml and found
> "<Context docBase="${catalina.home}/server/webapps/manager" entry. I thought
> I removed manager app, but not really...
>
>
>>
>> - Chuck
>>
>>
>> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
>> MATERIAL and is thus for use only by the intended recipient. If you received
>> this in error, please contact the sender and delete the e-mail and its
>> attachments from all computers.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>
>>
>
