I believe the RemoteAddrValve uses regular expression, so try a leading period as I'm not sure how reg exp treats a leading asterik.
'.*' should allow all Charlie > -----Original Message----- > From: Richard S. Huntrods [mailto:[EMAIL PROTECTED]] > Sent: Saturday, December 22, 2001 1:35 PM > To: [EMAIL PROTECTED] > Subject: A problem with manager and Valves... > > > Greetings! > > I have the manager servlets working quite fine - even have the HTTP > version running. I added the user to "tomcat-users.xml", edited > "server.xml" to enable the manager (it was commented out), and even > edited the manager/WEB-INF/web.xml to change it to > "HTMLManagerServlet". > > However, if I add a "Valve" to server.xml to try and restrict access, > then everything is denied. > > Here's the lines in server.xml: > > <Context path="/manager" docBase="manager" debug="0" > privileged="true"> > > <Valve className="org.apache.catalina.valves.RemoteAddrValve" > accept="*.*.*.*"/> > </Context> > > I've tried this valve with accept="*,*,*,*" as above, and with > accept="*". Neither works. > > I've also tried "RemoteHostValve" with accept="localhost" and > accept="*", both as the only valve and in combination with the > RemoteAddrValve. > > So far the only thing that works is if I comment out the valve > competely. I have set debug to 1, and there are no errors in > any of the > log files - except the following entries in > localhost_access_log.2001-12-22.txt: > > 127.0.0.1 - - [22/Dec/2001:11:22:07 -0700] "GET /manager/list > HTTP/1.1" > 401 618 > 127.0.0.1 - manager [22/Dec/2001:11:22:11 -0700] "GET /manager/list > HTTP/1.1" 200 5573 > > The first entry is with the valve (above) in place, the > second entry is > with the valve commented out. The user name "manager" is > just for local > testing. As an aside, I sure would like to know what 401 618 > means (the > 401 is access denied, I believe). > > This is Tomcat 4.0.1 running very successfully on Windows 2000, and > using IE on the same machine (accessing > "https://localhost/manager/list"; > in both cases). > > What am I missing? > > > > -- > To unsubscribe: <mailto:[EMAIL PROTECTED]> > For additional commands: <mailto:[EMAIL PROTECTED]> > Troubles with the list: <mailto:[EMAIL PROTECTED]> > -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
