RE: org.apache.catalina.valves.RemoteHostValve issue
Please take me off this reply list. Thanks -Original Message- From: Mark Thomas [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 20, 2005 5:01 PM To: Tomcat Users List Subject: Re: org.apache.catalina.valves.RemoteHostValve issue Tony Tomcat wrote: Actually.. according to the documentation the RemoteHostValve and RemoteAddrValve both do the same thing.. They both say... Concrete implementation of RequestFilterValve that filters based on the string representation of the remote client's IP address. The javadoc is exactly the same except the class name. :-P The JavaDocs for RemoteHostValve are wrong. It should say ...filters based on the remote client's hostname. The JavaDocs for RemoteAddrValve are correct. I don't see anything in the JavaDocs that suggests regular expressions should not be used for the allow and deny patterns. Mark - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: org.apache.catalina.valves.RemoteHostValve issue
-- Forwarded message -- From: Mark Thomas [EMAIL PROTECTED] To: Tomcat Users List tomcat-user@jakarta.apache.org Date: Wed, 17 Aug 2005 08:03:45 +0100 Subject: Re: org.apache.catalina.valves.RemoteHostValve issue Tony Tomcat wrote: Does the RemoteHostValve work? There are no examples in the Tomcat 5 docs and the tomcat 4 docs have the following.. Valve className=org.apache.catalina.valves .RemoteHostValve allow=*.mycompany.com,www.yourcompany.com http://www.yourcompany.com/ / The docs have been updated for 4 and 5 not to use this example. The problem is that . is a special character in a regular expression and needs to be escaped if you want to match a single . character in your input. The regexp docs are the place to read up on this. The following should work but I haven't tried it. Valve className=org.apache.catalina.valves.RemoteHostValve allow=.*mycompany\.com,www\.yourcompany\.com/ Mark Actually.. according to the documentation the RemoteHostValve and RemoteAddrValve both do the same thing.. They both say... Concrete implementation of RequestFilterValve that filters based on the string representation of the remote client's IP address. The javadoc is exactly the same except the class name. :-P Is it safe to say that tomcat doesn't support FQDN filtering (or is this just a typo/(cut-paste) issue? If it does support it are there performance implications since it seems that it would need to do a DNS lookup on all incoming connections.
Re: org.apache.catalina.valves.RemoteHostValve issue
Tony Tomcat wrote: Actually.. according to the documentation the RemoteHostValve and RemoteAddrValve both do the same thing.. They both say... Concrete implementation of RequestFilterValve that filters based on the string representation of the remote client's IP address. The javadoc is exactly the same except the class name. :-P The JavaDocs for RemoteHostValve are wrong. It should say ...filters based on the remote client's hostname. The JavaDocs for RemoteAddrValve are correct. I don't see anything in the JavaDocs that suggests regular expressions should not be used for the allow and deny patterns. Mark - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: org.apache.catalina.valves.RemoteHostValve issue
ok. got off my lazy butt and looked at the code. RemoteHostValve uses request.getRequest().getRemoteHost() so just the javadoc needs updating for RemoteHostValve.java. I'm sure this was just a copy of RemoteAddrValve. ;-) Now i just need to figure out how to configure my tomcat to return values for getRemoteHost calls. From: *Tony Tomcat [EMAIL PROTECTED]* Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: *Sep 20, 2005 4:35 PM* Subject: *Re: org.apache.catalina.valves.RemoteHostValve issue* Reply | Reply to all | Forward | Print | Add sender to Contacts list | Trash this message | Show original -- Forwarded message -- From: Mark Thomas [EMAIL PROTECTED] To: Tomcat Users List tomcat-user@jakarta.apache.org Date: Wed, 17 Aug 2005 08:03:45 +0100 Subject: Re: org.apache.catalina.valves.RemoteHostValve issue Tony Tomcat wrote: Does the RemoteHostValve work? There are no examples in the Tomcat 5 docs and the tomcat 4 docs have the following.. Valve className=org.apache.catalina.valves .RemoteHostValve allow=*.mycompany.com, www.yourcompany.comhttp://www.yourcompany.com/ / The docs have been updated for 4 and 5 not to use this example. The problem is that . is a special character in a regular expression and needs to be escaped if you want to match a single . character in your input. The regexp docs are the place to read up on this. The following should work but I haven't tried it. Valve className=org.apache.catalina.valves. RemoteHostValve allow=.*mycompany\.com,www\.yourcompany\.com/ Mark Actually.. according to the documentation the RemoteHostValve and RemoteAddrValve both do the same thing.. They both say... Concrete implementation of RequestFilterValve that filters based on the string representation of the remote client's IP address. The javadoc is exactly the same except the class name. :-P Is it safe to say that tomcat doesn't support FQDN filtering (or is this just a typo/(cut-paste) issue? If it does support it are there performance implications since it seems that it would need to do a DNS lookup on all incoming connections.
Re: org.apache.catalina.valves.RemoteHostValve issue
Tony Tomcat wrote: ok. got off my lazy butt and looked at the code. RemoteHostValve uses request.getRequest().getRemoteHost() so just the javadoc needs updating for RemoteHostValve.java. I'm sure this was just a copy of RemoteAddrValve. ;-) Looks like it. I have just committed a fix to CVS. Now i just need to figure out how to configure my tomcat to return values for getRemoteHost calls. http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/http.html Look for enableLookups Mark - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: org.apache.catalina.valves.RemoteHostValve issue
Tony Tomcat wrote: Does the RemoteHostValve work? There are no examples in the Tomcat 5 docs and the tomcat 4 docs have the following.. Valve className=org.apache.catalina.valves.RemoteHostValve allow=*.mycompany.com,www.yourcompany.com/ The docs have been updated for 4 and 5 not to use this example. The problem is that . is a special character in a regular expression and needs to be escaped if you want to match a single . character in your input. The regexp docs are the place to read up on this. The following should work but I haven't tried it. Valve className=org.apache.catalina.valves.RemoteHostValve allow=.*mycompany\.com,www\.yourcompany\.com/ Mark - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
org.apache.catalina.valves.RemoteHostValve issue
Does the RemoteHostValve work? There are no examples in the Tomcat 5 docs and the tomcat 4 docs have the following.. Valve className=org.apache.catalina.valves.RemoteHostValve allow=*.mycompany.com,www.yourcompany.com/ Any regex starting with * fails in Tomcat 5 and you can also see this happen on the Regex test applet. http://jakarta.apache.org/regexp/applet.html Does anyone have some working examples? It doesn't work for me even if I type in the full hostname. Perhaps there is something in Tomcat I need to configure for it to be able to get the hostname of the requestor? Tony - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
