Tomcat 6 IP restrictions
- by KB22
I need to protect a certain folder within a web application of mine from access from outside of an defined IP range.
With O'Reilly's Tomcat Tips I figured that:
<Context path="/path/to/secret_files" ...>
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127.0.0.1" deny=""/>
</Context>
Is the way to go?
I'm not that much into tomcat configuration so I'm dazzled a little as to where to put these restrictions. Do I put this Within my web.xml or is this a thing I need to add to some general tomcat conf file?