On 19/02/2010 12:45, Kristof De Vos wrote:
Hello,
We have an application in php using Apache and we successfully limit the
access
to users accessing the site with a specific browser by checking the User
Agent.
We modified httpd.conf like this:
SetenvIf User-Agent "^FedPol-Portal/2.0" Agent_OK
<Directory "x">
Options Indexes FollowSymLinks Multiviews
Order deny,allow
Allow from env=Agent_OK
</Directory>
Now we have another server running Tomcat and we also need to limit the
access to
a specific browser, but I cannot find the way to do this.
Do I have to change something in server.xml? Or develop something specific
(filter)?
There's no server.xml config for this. A Servlet Filter would do it, as
would a Valve. See the RemoteIPValve for an implementation that solves
a similar problem.
http://svn.apache.org/repos/asf/tomcat/tc6.0.x/trunk/java/org/apache/catalina/valves/RemoteAddrValve.java
Given how easy it is to fake a User-Agent though...
p
thanks,
Kristof
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
