RemoteAddrValve syntax
How do I specify wildcards in the RemoteAddrValue declaration? The Tomcat docs says it uses the java.util.regex package, so i wrote a test case like this: String patternStr = 192.168.*.*; String searchStr = 192.168.1.2; Pattern p = Pattern.compile(patternStr); Matcher m = p.matcher(searchStr); System.out.println(Does + patternStr); System.out.println(Match + searchStr); boolean b = m.matches(); System.out.println(Result: + b); Which returns true, however when I placed patternStr into my server.xml file (following the conventions in the Tomcat docs of escaping the . with \ ): Valve className=org.apache.catalina.valves.RemoteAddrValve allow=192\.168\.*\.*/ It didn't match, ie. I couldn't get in. I hard coded my current ip into the above value and it worked, but I need to match any 192.168.*.* address. How do specify this in server.xml? Thanks Setup: Java 1.4.2 Tomcat 5.5
Re: RemoteAddrValve syntax
Jonathan Mast wrote: How do I specify wildcards in the RemoteAddrValue declaration? The Tomcat docs says it uses the java.util.regex package, so i wrote a test case like this: String patternStr = 192.168.*.*; String searchStr = 192.168.1.2; Pattern p = Pattern.compile(patternStr); Matcher m = p.matcher(searchStr); System.out.println(Does + patternStr); System.out.println(Match + searchStr); boolean b = m.matches(); System.out.println(Result: + b); Which returns true, however when I placed patternStr into my server.xml file (following the conventions in the Tomcat docs of escaping the . with \ ): Valve className=org.apache.catalina.valves.RemoteAddrValve allow=192\.168\.*\.*/ This is not a Tomcat convention, it is how regular expressions work. In a regular expression, a . means 'any character' \. mean 'the character .' the expression \.* means a ., 0 or n times The expression 192.168.1.2, as a regexp, matches 192.168.1.2, but also matches 192A168+1C2 and 19201689152 (and a lot more strings), since an unescaped . matches any character. The regexp 192.168.*.* does not make much sense, since the first .* will match anything that follows (or nothing), leaving nothing to match for the second .*. To match any address starting with 192.168., use Valve className=org.apache.catalina.valves.RemoteAddrValve allow=192\.168\..*/ or (if you want to be really finicky about it) Valve className=org.apache.catalina.valves.RemoteAddrValve allow=192\.168\.\d{1,3}\.\d{1,3}/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: RemoteAddrValve syntax
From: Jonathan Mast [mailto:jhmast.develo...@gmail.com] Subject: RemoteAddrValve syntax The Tomcat docs says it uses the java.util.regex package But you apparently didn't read the doc for java.util.regex, which is not anything like the wildcards you tried to use: http://java.sun.com/j2se/1.4.2/docs/api/java/util/regex/Pattern.html André has done your homework and provided the proper syntax. Java 1.4.2 You might want to consider moving up to a supported JRE level; 1.4.2 reached end-of-life last October. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: RemoteAddrValve syntax
André Warnier wrote: [...] To match any address starting with 192.168., use Valve className=org.apache.catalina.valves.RemoteAddrValve allow=192\.168\..*/ or (if you want to be really finicky about it) Valve className=org.apache.catalina.valves.RemoteAddrValve allow=192\.168\.\d{1,3}\.\d{1,3}/ What is not very clear in the on-line Tomcat documentation, is whether a remote client address of 192.168.1.2 would be translated to the string 192.168.1.2 by Tomcat prior to matching in the Valve, or to for example 192.168.001.002. Maybe the Valve source code is clearer ? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: RemoteAddrValve syntax
I looked at the javadocs for the RemoteAddrValve and they provided no further clarity on the syntax issue. You're right, my test case mistakenly returned a false positive, .* could match anything its true and their is no common sense wildcard in the Java Regex package. I looked at the javadoc for the regex package and found it a little too pedantic. I thought javadocs were supposed to be human-readable ;-) thanks for the help On Sun, Apr 5, 2009 at 2:41 PM, André Warnier a...@ice-sa.com wrote: André Warnier wrote: [...] To match any address starting with 192.168., use Valve className=org.apache.catalina.valves.RemoteAddrValve allow=192\.168\..*/ or (if you want to be really finicky about it) Valve className=org.apache.catalina.valves.RemoteAddrValve allow=192\.168\.\d{1,3}\.\d{1,3}/ What is not very clear in the on-line Tomcat documentation, is whether a remote client address of 192.168.1.2 would be translated to the string 192.168.1.2 by Tomcat prior to matching in the Valve, or to for example 192.168.001.002. Maybe the Valve source code is clearer ? - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org