Restrict access to specific URL (Apache Tomcat)

Question

How can I restrict access to a specific URL (it is a Tomcat Application Server)? e.g. http://localhost:8081/application cannot be accessed by an user except a specified IP (that is the calling service)

Answer 1

Quote:

The Remote Address filter, org.apache.catalina.valves.RemoteAddrValve, allows you to compare the IP address of the requesting client against one or more regular expressions to either allow or prevent the request from continuing based on the results of this comparison. A Remote Address filter can be associated with a Tomcat Engine, Host, or Context container. org.apache.catalina.valves.RemoteAddrValve.

http://www.oxxus.net/tutorials/tomcat/tomcat-valve.htm

So, you'd need something along the lines of

<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="<your-ip-here>"/>

For possible values, see

http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html#Remote_Address_Filter

You should be able to set this in the WEB-INF/web.xml for your application, see

http://oreilly.com/java/archive/tomcat.html

Answer 2

Goto following path: C:\Program Files\Apache Software Foundation\Tomcat 6.0\conf\Catalina\localhost\

Under this path you find "manager.xml" file.

Edit "manager.xml" file, with following content:

<Context path="/manager" debug="0" privileged="true">

      <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.0.0.1,10.100.1.2"/>

      <!-- Link to the user database we will get roles from
      <ResourceLink name="users" global="UserDatabase" type="org.apache.catalina.UserDatabase"/>
        -->

</Context>

Save and run server. You got it.

NOTE :

• 127.0.0.1 MEANS YOUR SYSTEM IP
• 10.100.1.2 -THIS IS YOUR FRIENDS IP.