On Thu, Apr 01, 2004 at 11:37:29PM +0200, Gianni Pucciani wrote:
: I'm using Tomcat 4.1 with Axis on a RH9 to develop a simple web service, : and I'm trying to improve securety starting Tomcat with xinetd supervision.
: [snip]
: I've searched the net for help about tomcat & xinetd but I didn't find : anything, so I wonder if u could just tell me something.
xinetd works by listening on a given port, then firing up the specified service when a request comes in on that port.
Are you sure this is what you want?
Even if this were to work, you'd end up starting a new Tomcat server for each connection. =)
In fact, this was one of my doubt, I dont't really want to start a new server for each request. I'm not perfectly aware of the ways Tomcat manage incoming requests, so I wonder how to setup the "server" declaration in xinet.d/tomcat service file. I was concerning about using xinetd supervision after read this article:
http://www-106.ibm.com/developerworks/java/library/l-secjav.html
What about using a firewall, and/or some of the access-control valves (I forget the exact names, but they let you limit access based on incoming IP, etc.)
Yes, I'm behind a router and I'm going to set a specific filter rule based on incoming address for request to port 8080.
-QM
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
