Getting problem while applying IP restriction

My web application name is 'ucp' and i want to apply IP restriction on 'Admin' folder in it.
i wrote following code in ..\tomcat6\conf\Catalina\localhost\ucp.xml

but whole application has been forbidden for mentioned IP address instead of only 'Admin' folder.
Need help!

"Admin" isn't a folder, it's a webapp, and depending on how things are deployed, it may not even be the actual URL root for the deployed webapp.

You may find that placing the webapp in its own virtual Host helps.

Thank you for your reply Tim,
Actually i have two portions of my webapp;
1. for students having URL online.ucp.edu.pk/Student/index.htm
2. for administrators having URL online.ucp.edu.pk/Admin/index.htm

What i want is to allow/restrict administrator portion from some specific IPs or rage of IPs.

xml code i mentioned is restricting whole application, but i need to restrict only administrator portion not students portion.

Since you say that's one app, I presume you've installed it as the root app, which means your Context definition is all wrong. Context is for an entire webapp, not part of a webapp.

Normally I do that kind of access control by setting up rules in the J2EE security system, not by IP filtering. That way administrators can work from home, if they need to and students can't get access to admin functions just because they're on-campus..

If your web application name is ucp, you can't have a path attribute in context pointing to /Admin. In fact, you shouldn't have the path attribute set at all.

http://tomcat.apache.org/tomcat-6.0-doc/config/context.html