> From: Nikhil [mailto:[EMAIL PROTECTED] > Subject: tomcat, apache with mod_jk and mod_auth_kerb > > I have earlier tried using the mod_rewrite module > with proxy .. but that would ask me to enable the > http connector port of the tomcat instance and will > prompt to keep the spoofing chances wide open.
Not necessarily. You could configure address attribute of the Tomcat HTTP <Connector> to listen only on 127.0.0.1 if httpd is on the same system, or if on a different system, configure Tomcat's RemoteAddrValve to limit requests to just that system. http://tomcat.apache.org/tomcat-6.0-doc/config/http.html http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html#Remote%20Address%20Filter You may need to adjust the above links for the Tomcat version you're using, which you didn't bother to tell us. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]