如何保护webapp仅被本地主机访问？ [英] How does one protect a webapp to be accessed only by localhost?

问题描述

我计划在同一个java容器中运行一个 java web应用程序和 solr 。我希望Web应用程序可以公开访问，但是solr只能在同一容器中的其他Web应用程序访问。 Solr应该只能作为localhost访问，而不能从外部访问。我们可以在web-xml中写一些规则来实现吗？

I am planning to run a java web application and solr in the same java container. I want the web application to be publicly accessible but solr to be accessible only to the other web applications in the same container. Solr should be accessible only as localhost and not from outside. Can we write some rules in the web-xml to achieve this?

推荐答案

这实际上是 serverfault 。无论如何，您可以以与处理任何内部服务器（如数据库服务器）相同的方式处理此问题：不要给Solr一个公共IP，或将其放在防火墙后面。

This is actually a question for serverfault. Anyway, you can deal with this the same way you deal with any internal server, like a database server: don't give Solr a public IP, or put it behind a firewall.

除此之外，您可以设置HTTP验证（ Tomcat示例 ）或将容器设置为仅监听本地主机（即，如果您的Web应用程序在同一个框上运行）（ jetty示例），但我建议将其放在正确配置的防火墙后面。

Other than that, you could set up HTTP auth (Tomcat example) or set the container to only listen on localhost (that is, if your web app runs on the same box) (jetty example), but I recommend putting it behind a properly configured firewall instead.

另请参阅 SolrSecurity wiki页面，但它主要涉及Solr级安全性。

Also see the SolrSecurity wiki page, but it deals mostly with Solr-level security.

这篇关于如何保护webapp仅被本地主机访问？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！