DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23759>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23759 allow web.xml security-constraint to restrict by request-origin-host or used-port Summary: allow web.xml security-constraint to restrict by request-origin-host or used-port Product: Tomcat 4 Version: 4.1.28 Platform: Other URL: http://www.cafesoft.com/products/cams/tomcat- security.html OS/Version: Other Status: NEW Severity: Enhancement Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] it would be great to be able to restrict access by port or origin host or to have "Deny lists" as described in the above URL e.g. to allow a cron-job (struts) action only be triggered from my server's LAN or such that this particular action can only be triggered if the request to do so comes in via a specified non-standard port that is not open on my firewall. P.S.: Is there anywhere a comprehensive description of what can be done with security-constraints? --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]