• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Rob Spoor
  • Tim Cooke
  • Junilu Lacar
Sheriffs:
  • Henry Wong
  • Liutauras Vilda
  • Jeanne Boyarsky
Saloon Keepers:
  • Jesse Silverman
  • Tim Holloway
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Mikalai Zaikin
  • Piet Souris

Securing the Web Service Request

 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi
I have web service deployed on Apache Tomcat server on windows Server.
Is it possible to restrict the access by web application in tomcat.
For example:
app1:-Webservice1
app2:-transcation

I want to restrict the app1 to accept request from on specific IP address

app2 to global

I am able to restrict the specific IP address the process the request from server.xml in tomcat .

<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="10\.0\.0\.0" />

How can I do by Context. Please help

Thanks
Padma


 
Bartender
Posts: 4109
72
Hibernate Fedora Chrome
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Did you try defining a separate context and apply the Valve configuration [1]?
 
Saloon Keeper
Posts: 24310
167
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Welcome to the JavaRanch, Padma!

Using a different IP address is no real security. If an unfriendly person can get to any IP address, that address can be attacked. J2EE defines a true security system and I suggest studying that.

If you actually have a practical need for different virtual hosts at different IP addresses, you have to have a deeper understanding of how Tomcat is assembled from its components. Tomcat's primary elements are Servers, Hosts, and Engines. Connector elements define which IP address(es) a given host will listen to and thus process.

In practice, any site that is complex enough to need multiple virtual hosts often needs to be able to present both J2EE and non-J2EE webapps (such as PHP or Django) and a better solution is to define them all to a front-end server such as Apache. Apache can then tunnel the JEE-specific requests to one or more Tomcat server/app combinations. Apache is also more secure as a web-facing system since it doesn't require elevated privileges to listen to standard ports 80 and 8443 the way Tomcat does.
 
What does a metric clock look like? I bet it is nothing like this tiny ad:
Thread Boost feature
https://coderanch.com/t/674455/Thread-Boost-feature
reply
    Bookmark Topic Watch Topic
  • New Topic