jQuery in Action, 3rd edition
The moose likes Tomcat and the fly likes   Tomcat IIS security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "  Tomcat IIS security" Watch "  Tomcat IIS security" New topic

Tomcat IIS security


Joined: Sep 27, 2001
Posts: 4
I have a small web application running on tomcat and i am using IIS for security reasons. If access my application through the port of IIS like http://ip:iisport/index.html the request goes through IIS and the NT security is implemented. But if i use the tomcat port like http://ip:tomcatport/index.html the request is by passing the IIS and directly accessing the application.
If some one knows the port of tomcat the real security problem arises.
I want to force the users to go through IIS.
Is there any way to implement this?
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 17417

You're using <b>IIS</b> for <b><i>SECURITY REASONS???!!!</i><b>
OK, I've stopped choking. I understand what you mean.
Normally, blocking ports is the job of the firewall. However, NT has no internal firewall, nor, does Win2K (I think), so you'd need an external box. Failing that, you might patch the Tomcat pipeline to only accept requests with the server's local IP address. Catalina should be easy to do that to, since it has very clean lines between its subsystems.

An IDE is no substitute for an Intelligent Developer.
I agree. Here's the link: http://aspose.com/file-tools
subject: Tomcat IIS security
jQuery in Action, 3rd edition