RemoteAddrValve syntax
How do I specify wildcards in the RemoteAddrValue declaration? The Tomcat docs says it uses the java.util.regex package, so i wrote a test case like this: String patternStr = 192.168.*.*; String searchStr = 192.168.1.2; Pattern p = Pattern.compile(patternStr); Matcher m = p.matcher(searchStr); System.out.println(Does + patternStr); System.out.println(Match + searchStr); boolean b = m.matches(); System.out.println(Result: + b); Which returns true, however when I placed patternStr into my server.xml file (following the conventions in the Tomcat docs of escaping the . with \ ): Valve className=org.apache.catalina.valves.RemoteAddrValve allow=192\.168\.*\.*/ It didn't match, ie. I couldn't get in. I hard coded my current ip into the above value and it worked, but I need to match any 192.168.*.* address. How do specify this in server.xml? Thanks Setup: Java 1.4.2 Tomcat 5.5
Re: RemoteAddrValve syntax
Jonathan Mast wrote:
How do I specify wildcards in the RemoteAddrValue declaration?
The Tomcat docs says it uses the java.util.regex package, so i wrote a test
case like this:
String patternStr = 192.168.*.*;
String searchStr = 192.168.1.2;
Pattern p = Pattern.compile(patternStr);
Matcher m = p.matcher(searchStr);
System.out.println(Does + patternStr);
System.out.println(Match + searchStr);
boolean b = m.matches();
System.out.println(Result: + b);
Which returns true, however when I placed patternStr into my server.xml file
(following the conventions in the Tomcat docs of escaping the . with \ ):
Valve className=org.apache.catalina.valves.RemoteAddrValve
allow=192\.168\.*\.*/
This is not a Tomcat convention, it is how regular expressions work.
In a regular expression,
a . means 'any character'
\. mean 'the character .'
the expression \.* means a ., 0 or n times
The expression 192.168.1.2, as a regexp, matches 192.168.1.2, but
also matches 192A168+1C2 and 19201689152 (and a lot more strings),
since an unescaped . matches any character.
The regexp 192.168.*.* does not make much sense, since the first .*
will match anything that follows (or nothing), leaving nothing to match
for the second .*.
To match any address starting with 192.168., use
Valve className=org.apache.catalina.valves.RemoteAddrValve
allow=192\.168\..*/
or (if you want to be really finicky about it)
Valve className=org.apache.catalina.valves.RemoteAddrValve
allow=192\.168\.\d{1,3}\.\d{1,3}/
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
RE: RemoteAddrValve syntax
From: Jonathan Mast [mailto:jhmast.develo...@gmail.com] Subject: RemoteAddrValve syntax The Tomcat docs says it uses the java.util.regex package But you apparently didn't read the doc for java.util.regex, which is not anything like the wildcards you tried to use: http://java.sun.com/j2se/1.4.2/docs/api/java/util/regex/Pattern.html André has done your homework and provided the proper syntax. Java 1.4.2 You might want to consider moving up to a supported JRE level; 1.4.2 reached end-of-life last October. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: RemoteAddrValve syntax
André Warnier wrote:
[...]
To match any address starting with 192.168., use
Valve className=org.apache.catalina.valves.RemoteAddrValve
allow=192\.168\..*/
or (if you want to be really finicky about it)
Valve className=org.apache.catalina.valves.RemoteAddrValve
allow=192\.168\.\d{1,3}\.\d{1,3}/
What is not very clear in the on-line Tomcat documentation, is whether a
remote client address of 192.168.1.2 would be translated to the string
192.168.1.2 by Tomcat prior to matching in the Valve, or to for
example 192.168.001.002.
Maybe the Valve source code is clearer ?
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: RemoteAddrValve syntax
I looked at the javadocs for the RemoteAddrValve and they provided no
further clarity on the syntax issue.
You're right, my test case mistakenly returned a false positive, .* could
match anything its true and their is no common sense wildcard in the Java
Regex package. I looked at the javadoc for the regex package and found it a
little too pedantic. I thought javadocs were supposed to be human-readable
;-)
thanks for the help
On Sun, Apr 5, 2009 at 2:41 PM, André Warnier a...@ice-sa.com wrote:
André Warnier wrote:
[...]
To match any address starting with 192.168., use
Valve className=org.apache.catalina.valves.RemoteAddrValve
allow=192\.168\..*/
or (if you want to be really finicky about it)
Valve className=org.apache.catalina.valves.RemoteAddrValve
allow=192\.168\.\d{1,3}\.\d{1,3}/
What is not very clear in the on-line Tomcat documentation, is whether a
remote client address of 192.168.1.2 would be translated to the string
192.168.1.2 by Tomcat prior to matching in the Valve, or to for example
192.168.001.002.
Maybe the Valve source code is clearer ?
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
