Restrict access to specific URL (Apache Tomcat)

apache tomcat restriction

26,031

Solution 1

Quote:

The Remote Address filter, org.apache.catalina.valves.RemoteAddrValve, allows you to compare the IP address of the requesting client against one or more regular expressions to either allow or prevent the request from continuing based on the results of this comparison. A Remote Address filter can be associated with a Tomcat Engine, Host, or Context container. org.apache.catalina.valves.RemoteAddrValve.

http://www.oxxus.net/tutorials/tomcat/tomcat-valve.htm

So, you'd need something along the lines of

<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="<your-ip-here>"/>

For possible values, see

http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html#Remote_Address_Filter

You should be able to set this in the WEB-INF/web.xml for your application, see

http://oreilly.com/java/archive/tomcat.html

Solution 2

Goto following path: C:\Program Files\Apache Software Foundation\Tomcat 6.0\conf\Catalina\localhost\

Under this path you find "manager.xml" file.

Edit "manager.xml" file, with following content:

<Context path="/manager" debug="0" privileged="true">

      <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.0.0.1,10.100.1.2"/>

      <!-- Link to the user database we will get roles from
      <ResourceLink name="users" global="UserDatabase" type="org.apache.catalina.UserDatabase"/>
        -->

</Context>

Save and run server. You got it.

NOTE :

127.0.0.1 MEANS YOUR SYSTEM IP
10.100.1.2 -THIS IS YOUR FRIENDS IP.

26,031

Haniball

Updated on July 09, 2022

Comments

Haniball almost 2 years

How can I restrict access to a specific URL (it is a Tomcat Application Server)? e.g. http://localhost:8081/application cannot be accessed by an user except a specified IP (that is the calling service)
- Robb over 13 years
  
  This related question may help stackoverflow.com/questions/593922/ip-restriction-with-htacc‌ess
- Aaron Newton over 13 years
  
  This could work to, but since we're talking about Tomcat you'd need to proxy through Apache like so: tomcat.apache.org/connectors-doc-archive/jk2/proxy.html and also see httpd.apache.org/docs/1.3/mod/mod_proxy.html#access
MikeOnline about 5 years

Tomcat offers two similar classes to block or allow based on Remote IP address: org.apache.catalina.valves.RemoteAddrValve and org.apache.catalina.filters.RemoteAddrFilter. Examples in the Tomcat documentation for the latter one show how to use url-pattern. I am not sure url-pattern or filter-mapping are permitted with the first class.