Re: mod_jk ACL - next
GOMEZ Henri wrote: Hi, I'm busy these days and didn't have many time on ACL for mod_jk. Before investing too many times, just want to describe the plan : 1) Create stuff to handle InetMask a l hosts.allow / hosts.deny. Data initialized via config in server.xml From 3.2 server.xml Connector className="org.apache.tomcat.service.PoolTcpConnector" Parameter name="handler" value="org.apache.tomcat.service.connector.Ajp13ConnectionHandler"/ Parameter name="port" value="8009"/ Parameter name="deny" value="ALL"/ Parameter name="allow" value="172.168.1.0/24"/ Parameter name="allow" value="127.0.0.1"/ /Connector After connection, ACL is checked and connection closed (and warned) if rules not meet Just out of curiousity, can't you use Apache's standard filtering directives in conjunction with MOD_JK? Why do you need to implement it here as well? 2) The ACL stuff could also be used in a Realm ? Thanks for more Lights ;-) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, email: [EMAIL PROTECTED] Craig - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, email: [EMAIL PROTECTED]
Re: mod_jk ACL - next
Connector className="org.apache.tomcat.service.PoolTcpConnector" Parameter name="handler" value="org.apache.tomcat.service.connector.Ajp13ConnectionHandler"/ Parameter name="port" value="8009"/ Parameter name="deny" value="ALL"/ Parameter name="allow" value="172.168.1.0/24"/ Parameter name="allow" value="127.0.0.1"/ /Connector After connection, ACL is checked and connection closed (and warned) if rules not meet Just out of curiousity, can't you use Apache's standard filtering directives in conjunction with MOD_JK? Why do you need to implement it here as well? The goal is to protect the tomcat instance - the apache directives are protecting the apache server. ( it is needed to prevent possible security problems ) Costin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, email: [EMAIL PROTECTED]
mod_jk ACL - next
Hi, I'm busy these days and didn't have many time on ACL for mod_jk. Before investing too many times, just want to describe the plan : 1) Create stuff to handle InetMask a l hosts.allow / hosts.deny. Data initialized via config in server.xml From 3.2 server.xml Connector className="org.apache.tomcat.service.PoolTcpConnector" Parameter name="handler" value="org.apache.tomcat.service.connector.Ajp13ConnectionHandler"/ Parameter name="port" value="8009"/ Parameter name="deny" value="ALL"/ Parameter name="allow" value="172.168.1.0/24"/ Parameter name="allow" value="127.0.0.1"/ /Connector After connection, ACL is checked and connection closed (and warned) if rules not meet 2) The ACL stuff could also be used in a Realm ? Thanks for more Lights ;-) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, email: [EMAIL PROTECTED]