Re: How to restrict access to specific webapp + denyStatus

2017-03-10 Thread Diego Gomes 
Ohh, I see now! Thanks Mark and André!

I'll plan to upgrade it!

Diego

On 10 Mar 2017, at 07:10, André Warnier (tomcat)  wrote:

> On 10.03.2017 11:04, Diego Gomes wrote:
> Thanks Mark!
> 
> In that link just say that is possible, but do not say how to get 404 and not 
> 403.

No, what that link says, it that the denyStatus feature was only introduced in 
a later version of tomcat 7, than the one you are using.
You should at least upgrade to the latest available tomcat 7 version, and 
preferably to the latest available tomcat version.
See here :
http://tomcat.apache.org/whichversion.html


> 
> Diego
> 
> On 10 Mar 2017, at 06:17, Mark Thomas  wrote:
> 
> On 09/03/17 23:51, Diego Gomes wrote:
> 
> 
> 
>> My questions:
>> 
>> - For the first statement, that configuration I did (Student.xml) is
>> the correct way?
> 
> Yes.
> 
>> - Why the 404 denyStatus is not working?
>> 
>> I am running tomcat 7.0.11
> 
> http://svn.apache.org/repos/asf/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?view=log
> 
> Search for "denyStatus"
> 
> Mark
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: How to restrict access to specific webapp + denyStatus

2017-03-10 Thread tomcat 

On 10.03.2017 11:04, Diego Gomes wrote:

Thanks Mark!

In that link just say that is possible, but do not say how to get 404 and not 
403.


No, what that link says, it that the denyStatus feature was only introduced in a later 
version of tomcat 7, than the one you are using.
You should at least upgrade to the latest available tomcat 7 version, and preferably to 
the latest available tomcat version.

See here :
http://tomcat.apache.org/whichversion.html




Diego

On 10 Mar 2017, at 06:17, Mark Thomas  wrote:

On 09/03/17 23:51, Diego Gomes wrote:




My questions:

- For the first statement, that configuration I did (Student.xml) is
the correct way?


Yes.


- Why the 404 denyStatus is not working?

I am running tomcat 7.0.11


http://svn.apache.org/repos/asf/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?view=log

Search for "denyStatus"

Mark


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org




-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: How to restrict access to specific webapp + denyStatus

2017-03-10 Thread Diego Gomes 
Thanks Mark!

In that link just say that is possible, but do not say how to get 404 and not 
403.

Diego

On 10 Mar 2017, at 06:17, Mark Thomas  wrote:

On 09/03/17 23:51, Diego Gomes wrote:



> My questions:
> 
> - For the first statement, that configuration I did (Student.xml) is
> the correct way?

Yes.

> - Why the 404 denyStatus is not working?
> 
> I am running tomcat 7.0.11

http://svn.apache.org/repos/asf/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?view=log

Search for "denyStatus"

Mark


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: How to restrict access to specific webapp + denyStatus

2017-03-10 Thread Mark Thomas 
On 09/03/17 23:51, Diego Gomes wrote:



> My questions:
> 
>  - For the first statement, that configuration I did (Student.xml) is
> the correct way?

Yes.

>  - Why the 404 denyStatus is not working?
> 
> I am running tomcat 7.0.11

http://svn.apache.org/repos/asf/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?view=log

Search for "denyStatus"

Mark


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

How to restrict access to specific webapp + denyStatus

2017-03-09 Thread Diego Gomes 
Hello guys!


inside of my "/opt/tomcat7/webapps/" folder, I have many apps over there


I would like to protect for instance, "Student" (/opt/tomcat7/webapps/Student) 
app to only allow specific IP address, so I did:


"# vi /opt/tomcat7/conf/Catalina/localhost/Student.xml" and addedd:



   


It is working, I am not able to access the https://server.domain.com/Student 
while I am not source = 127.0.0.1 []

But, My HTTP Status on Browser, does not show 404, always saying 403...

My questions:

 - For the first statement, that configuration I did (Student.xml) is the 
correct way?
 - Why the 404 denyStatus is not working?

I am running tomcat 7.0.11

Thanks!


Diego