Tomcat 6 IP restrictions

Posted by KB22 on Server Fault See other posts from Server Fault or by KB22
Published on 2009-12-03T08:34:00Z Indexed on 2011/11/19 1:54 UTC
Read the original article Hit count: 607

Filed under:
|
|

I need to protect a certain folder within a web application of mine from access from outside of an defined IP range.

With O'Reilly's Tomcat Tips I figured that:

<Context path="/path/to/secret_files" ...>
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127.0.0.1" deny=""/>
</Context>

Is the way to go?

I'm not that much into tomcat configuration so I'm dazzled a little as to where to put these restrictions. Do I put this Within my web.xml or is this a thing I need to add to some general tomcat conf file?

© Server Fault or respective owner

Related posts about tomcat

Related posts about ip