On Mon, Feb 21, 2005 at 02:55:53PM -0800, Dola Woolfe wrote: : First, I'm sure this is documented so can anyone point : me to the documentation on how to determine the client : application.
Check for the "User-Agent" header. (I may have made a typo on the name, but if you iterate through the headers you'll see it right away) : Second, does Tomcat itself do anything different : depending on who's making the request. I sometimes : notice that IE's requests are fielded faster than : wget's requests. It shouldn't -- perhaps there's something different about how wget makes its requests? : Finally, is there a blanket way to prevent wget : requests? Yes and no: yes - use a Servlet Filter that refuses requests based on the User-Agent header. yes - employ user authentication. If the offending clients are coming from off-site, adjust your network topology such that the app in question is only available from the inside (proactive), or block the offending IPs using a firewall (reactive). no - if the user changes the User-Agent header from wget. IIRC wget has a switch for this; and if not, the source is wide-open. Note that user auth/firewall/etc are the solid solutions. There are myriad non-browser clients out there besides wget, and you'll have a devil of a time fending the all off. -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
