Nar Karapetyan wrote:
Hi,
I need to allow access to tomcat manager
(http://<servername>:<port>/manager/html)
only to the localhost using Tomcat's means.
Inspecting the request for the IP, and blocking a non-localhost ip is not
accepted as per the requirement I have.
How can I do that?
I have tried to add the following to the catalina.policy file, but it didn't
work:
grant codeBase "http://<server ip>:8080/manager/html" {
permission java.net.SocketPermission "127.0.0.1", "connect";
};
Thank you,
Regards,
Nareg Garabedian
Hi ,
$CATALINA_HOME/conf/Catalina/localhost/manager.xml
$cat manager.xml
<Context path="/manager" debug="0" privileged="true">
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127.0.0.1,192.168.1.107"/>
<!-- Link to the user database we will get roles from
<ResourceLink name="users" global="UserDatabase"
type="org.apache.catalina.UserDatabase"/>
-->
</Context>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
