Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Manager & Admin Webapp

 
Adnan Memon
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How can we make Manager and Admin webapp only accessible from localhost..not accessible from anywhere else

Thanking in advance
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13056
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
After looking through various Tomcat and servlet docs, it looks to me like this sort of security restriction is not easy to implement in your basic tomcat. I think you are going to need something beyond the basic role defining method that comes with Tomcat.
Bill
 
B Stokes
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You could turn on the security manager in tomcat and change the catalina security policy file to only allow ip 127.0.0.1 access to the url where the manager and admin web apps exist.
[ September 24, 2004: Message edited by: B Stokes ]
 
Eelco den Heijer
Ranch Hand
Posts: 61
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I guess you can also put a RemoteHostValve or RemoteAddrValve on top of your admin app, and restrict access to a number of IP addresses or host names
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13056
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I don't think the security option would help - it mainly seems to control which applications can use which resources. I don't see any way for it to look at the request source.
Bill
 
Eelco den Heijer
Ranch Hand
Posts: 61
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I agree that it is not enough; but if you use one of these valves with a proper realm, I think it's pretty solid.
 
Darren Bishop
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I agree...

It explictly says, at least in the 5.5 admin.xml to use to restrict access to the admin app to requests originating from the local machine.

Does anyone have any idea why clicking on the handles in the admin tree might not respond by expanding?

Warm regards
 
Rich Raposa
Ranch Hand
Posts: 46
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
My experience with the admin app is that it is buggy at best! It can be useful at times and worthless at other times. For example, defining a database connection at the context level rarely works for me using the admin app - and I have done this dozens of times on different platforms and setups.

This might sound harsh, but my advice is to not use the admin app unless you really don't know what you are doing otherwise.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic