aspose file tools*
The moose likes Tomcat and the fly likes Manager & Admin Webapp Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Manager & Admin Webapp" Watch "Manager & Admin Webapp" New topic
Author

Manager & Admin Webapp

Adnan Memon
Ranch Hand

Joined: Mar 09, 2003
Posts: 32
How can we make Manager and Admin webapp only accessible from localhost..not accessible from anywhere else

Thanking in advance
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12675
    
    5
After looking through various Tomcat and servlet docs, it looks to me like this sort of security restriction is not easy to implement in your basic tomcat. I think you are going to need something beyond the basic role defining method that comes with Tomcat.
Bill
B Stokes
Greenhorn

Joined: Aug 04, 2004
Posts: 9
You could turn on the security manager in tomcat and change the catalina security policy file to only allow ip 127.0.0.1 access to the url where the manager and admin web apps exist.
[ September 24, 2004: Message edited by: B Stokes ]
Eelco den Heijer
Ranch Hand

Joined: Jan 17, 2002
Posts: 61
I guess you can also put a RemoteHostValve or RemoteAddrValve on top of your admin app, and restrict access to a number of IP addresses or host names


== <br />Rgrds,<br />Eelco<br /> <br />SCJP, SCJD, SCBCD, SCWD, SCEA
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12675
    
    5
I don't think the security option would help - it mainly seems to control which applications can use which resources. I don't see any way for it to look at the request source.
Bill
Eelco den Heijer
Ranch Hand

Joined: Jan 17, 2002
Posts: 61
I agree that it is not enough; but if you use one of these valves with a proper realm, I think it's pretty solid.
Darren Bishop
Greenhorn

Joined: Feb 28, 2005
Posts: 1
I agree...

It explictly says, at least in the 5.5 admin.xml to use to restrict access to the admin app to requests originating from the local machine.

Does anyone have any idea why clicking on the handles in the admin tree might not respond by expanding?

Warm regards


Darren Bishop, BSc (Hons), MBCS
Rich Raposa
Ranch Hand

Joined: Dec 06, 2001
Posts: 46
My experience with the admin app is that it is buggy at best! It can be useful at times and worthless at other times. For example, defining a database connection at the context level rarely works for me using the admin app - and I have done this dozens of times on different platforms and setups.

This might sound harsh, but my advice is to not use the admin app unless you really don't know what you are doing otherwise.


Rich Raposa<br /><a href="http://www.javalicense.com" target="_blank" rel="nofollow">http://www.javalicense.com</a><br />Buy Java courseware -> get a free XBox!
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Manager & Admin Webapp
 
Similar Threads
how to upload jsp web application on the windows 2003 server
Poll to help my decision...
how to load a new jar file while server is running
client-server communication
Tomcat 7 : change port number for manager app