防止访问 Tomcat6 中的某些 webapps [英] Prevent access to certain webapps in Tomcat6
问题描述
我问这个是因为服务器故障,但真的没有太多运气,希望这里的人能够提供一些建议......
I asked this on server fault but really havent had much luck, hoping that someone here would be able to offer some advice...
我有一台运行良好的 Tomcat 6 服务器.我有外部访问工作.我想知道如何防止某人看到特定的 web 应用程序,例如,我不想从外部访问 ROOT tomcat 页面.我将如何阻止某些网络应用程序同时让其他网络应用程序对外部用户可见?
I have a Tomcat 6 server running just fine. I have external access working. I wanted to know how to prevent someone from seeing specific webapps, for example, I dont want external access to the ROOT tomcat page. How would I go about preventing some webapps while leaving other webapps visible to external users ?
这是我尝试过的:这拒绝一切,甚至 127.0.0.1 请求
Here's what I've tried: This denies everything even 127.0.0.1 requests
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
<Context path="/examples" docBase="" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.0.0.1"/>
</Context>
</Host>
这也否定了一切.
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
<Context path="/examples" docBase="" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="*"/>
</Context>
</Host>
基本上,我试图阻止访问 ROOT 默认的 tomcat 页面和示例应用程序....
Basically I am trying to prevent access to the ROOT default tomcat page and the example apps....
有什么想法吗?
推荐答案
你不能对允许属性使用通配符...另一方面你可以strong> 使用 1 作为拒绝属性.
You can't use a wild card for the allow attribute...on the other hand you can use one for the deny attribute.
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="*"/>
这就是为什么我用上面的代码得到 403.
This is why I was getting a 403 with the above code.
我处理这个问题的另一种方式是我创建了一个 jsp,将流量重定向到我想要的任何地方.
Also another way I handled this was I created a jsp that redirected traffic to wherever I wanted.
这篇关于防止访问 Tomcat6 中的某些 webapps的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!