#log4j.properties should contain a statement which associates your package to
Level e.g.
#package=LEVEL, NameOfAppender
#BEGIN CONSOLE APPENDER (stdout)
#first:type of appender (fully qualified class name) note all stdout goes to
ConsoleAppender
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
# Many appenders require a layout.
log4j.appender.stdout.layout=org.apache.log4j.SimpleLayout
# additionally, some layouts can take additional information --
# like the ConversionPattern for the PatternLayout.
# log4j.appender.stdout.layout.ConversionPattern=%d %-5p %-17c{2} (%30F:%L) %3x
- %m%n
# BEGIN Rolling APPENDER: (rolling)
# first:type of appender (fully qualified class name)
log4j.appender.rolling=org.apache.log4j.RollingFileAppender
# second: Any configuration information needed for that appender.
# Many appenders require a layout.
log4j.appender.rolling.File=example.log
# max file size of rolling appender will be 100kb
log4j.appender.rolling.MaxFileSize=100KB
# Keep one backup file
log4j.appender.rolling.MaxBackupIndex=1
#pattern of the logfile
log4j.appender.rolling.layout=org.apache.log4j.PatternLayout
log4j.appender.rolling.layout.ConversionPattern=%p %t %c - %m%n
//default rootCategory for level is debug with output directed to stdout or
//RollingFileAppender as in
log4j.rootCategory=debug,stdout,rolling
//you want to assign your package=LEVEL,Appender1,Appender2 as defined here
de.tamundo.security=warn,stdout,rolling
valid levels are
debug,
info,
warn,
error,
fatal
and log.
appenders are
console, files, GUI
components, remote socket
servers, JMS,
NT
Event Loggers, and remote UNIX Syslog
daemons
http://logging.apache.org/log4j/1.2/manual.html
HTH
Martin Gainty
______________________________________________
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger
sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung
oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem
Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung.
Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung
fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le
destinataire prévu, nous te demandons avec bonté que pour satisfaire informez
l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est
interdite. Ce message sert à l'information seulement et n'aura pas n'importe
quel effet légalement obligatoire. Étant donné que les email peuvent facilement
être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité
pour le contenu fourni.
From: m...@moritz-maedler.de
To: axis-user@ws.apache.org
Subject: Securing Axis2-Admin
Date: Mon, 24 Aug 2009 14:11:58 +0200
Hello,
I'm using axis2 1.5 as a tomcat6 servlet. As it runs in production, I want to
secure the axis2 admin frontendby restricting the access to a specifig (e.g.
local) IP-range. How can this be implemented? I tried to integrate a filter
which sends a 403-error upon access with wrongIP-address. This leaded to
following exception when restarting tomcat:-----Aug 24, 2009 12:47:30 PM
org.apache.catalina.core.StandardContext processTldsSEVERE: Error reading tld
listeners java.lang.NullPointerExceptionjava.lang.NullPointerException at
org.apache.log4j.Category.isEnabledFor(Category.java:749) at
org.apache.commons.logging.impl.Log4JLogger.isTraceEnabled(Log4JLogger.java:333)
at
org.apache.catalina.startup.TldConfig.tldScanResourcePaths(TldConfig.java:581)
at org.apache.catalina.startup.TldConfig.execute(TldConfig.java:282) at
org.apache.catalina.core.StandardContext.processTlds(StandardContext.java:4307)
at
org.apache.catalina.core.StandardContext.start(StandardContext.java:4144) at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
at
org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:626) at
org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:553)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:488)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138) at
org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311) at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
at org.apache.catalina.core.StandardService.start(StandardService.java:448)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
at org.apache.catalina.startup.Catalina.start(Catalina.java:552) at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597) at
org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295) at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597) at
org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:177)Aug
24, 2009 12:47:31 PM org.apache.catalina.core.StandardContext processTlds----
The filter-config looks like web.xml looks like----[....AXIS-CONF....]<filter>
<description> </description> <display-name>
IPFilter</display-name> <filter-name>IPFilter</filter-name>
<filter-class>de.tamundo.security.IPFilter</filter-class>
</filter><filter-mapping> <filter-name>IPFilter</filter-name>
<url-pattern>/IPFilter</url-pattern> </filter-mapping>----
I copied the filterclass under /axis2/WEB-INF/de/tamundo/security.
Is there another possibility to secure the Axis2-Admin?
Thanks alot!
Moritz
_________________________________________________________________
Windows Live: Make it easier for your friends to see what you’re up to on
Facebook.
http://windowslive.com/Campaign/SocialNetworking?ocid=PID23285::T:WLMTAGL:ON:WL:en-US:SI_SB_facebook:082009
