Restrict access to specific URL (Apache Tomcat)
Solution 1
Quote:
The Remote Address filter, org.apache.catalina.valves.RemoteAddrValve, allows you to compare the IP address of the requesting client against one or more regular expressions to either allow or prevent the request from continuing based on the results of this comparison. A Remote Address filter can be associated with a Tomcat Engine, Host, or Context container. org.apache.catalina.valves.RemoteAddrValve.
http://www.oxxus.net/tutorials/tomcat/tomcat-valve.htm
So, you'd need something along the lines of
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="<your-ip-here>"/>
For possible values, see
http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html#Remote_Address_Filter
You should be able to set this in the WEB-INF/web.xml for your application, see
http://oreilly.com/java/archive/tomcat.html
Solution 2
Goto following path: C:\Program Files\Apache Software Foundation\Tomcat 6.0\conf\Catalina\localhost\
Under this path you find "manager.xml" file.
Edit "manager.xml" file, with following content:
<Context path="/manager" debug="0" privileged="true">
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.0.0.1,10.100.1.2"/>
<!-- Link to the user database we will get roles from
<ResourceLink name="users" global="UserDatabase" type="org.apache.catalina.UserDatabase"/>
-->
</Context>
Save and run server. You got it.
NOTE :
- 127.0.0.1 MEANS YOUR SYSTEM IP
- 10.100.1.2 -THIS IS YOUR FRIENDS IP.
Related videos on Youtube
Haniball
Updated on July 09, 2022Comments
-
Haniball almost 2 years
How can I restrict access to a specific URL (it is a Tomcat Application Server)? e.g.
http://localhost:8081/application
cannot be accessed by an user except a specified IP (that is the calling service)-
Robb over 13 yearsThis related question may help stackoverflow.com/questions/593922/ip-restriction-with-htaccess
-
Aaron Newton over 13 yearsThis could work to, but since we're talking about Tomcat you'd need to proxy through Apache like so: tomcat.apache.org/connectors-doc-archive/jk2/proxy.html and also see httpd.apache.org/docs/1.3/mod/mod_proxy.html#access
-
-
MikeOnline about 5 yearsTomcat offers two similar classes to block or allow based on Remote IP address: org.apache.catalina.valves.RemoteAddrValve and org.apache.catalina.filters.RemoteAddrFilter. Examples in the Tomcat documentation for the latter one show how to use url-pattern. I am not sure url-pattern or filter-mapping are permitted with the first class.