Re: [us...@httpd] Combining mod_jk and Location Directives
On Mon, Apr 19, 2010 at 4:22 PM, Nick Tkach wrote: > Is it possible, for a given URL that's being directed to mod_jk, to lock it > down so that you can only access it from a particular subnet? > > For example, let's say I have an app with JkMounts defined: > > JkMount /myapp worker1 > JkMount /myapp/sub worker2 > JkMount / worker3 > > Then I have a sub-directory, /admin that I want to restrict to being only > available from 192.168.1.*. Is there some combination of JkMount and > something like this that will get the desired effect or is this not possible > with just mod_jk and Location? Do you *have* to do something with Java > enterprise resources to lock it down? > > > Order deny, allow > deny from all > allow from 192.168.1 > > I don't use mod_jk, but doesn't what you typed do exactly what you want? Have you tried it? The authnz layers in apache don't care where the actual content comes from*. Cheers Tom * For - obviously for they do.. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] Combining mod_jk and Location Directives
Is it possible, for a given URL that's being directed to mod_jk, to lock it down so that you can only access it from a particular subnet? For example, let's say I have an app with JkMounts defined: JkMount /myapp worker1 JkMount /myapp/sub worker2 JkMount / worker3 Then I have a sub-directory, /admin that I want to restrict to being only available from 192.168.1.*. Is there some combination of JkMount and something like this that will get the desired effect or is this not possible with just mod_jk and Location? Do you *have* to do something with Java enterprise resources to lock it down? Order deny, allow deny from all allow from 192.168.1 This email message and any attachments are for the sole use of the intended recipient(s) and may contain information that is proprietary to Ahold and/or its subsidiaries (“Ahold”) or otherwise confidential or legally privileged. If you have received this message in error, please notify the sender by reply, and delete all copies of this message and any attachments. If you are the intended recipient you may use the information contained in this message and any files attached to this message only as authorized by Ahold. Files attached to this message may only be transmitted using secure systems and appropriate means of encryption, and must be secured using the same level of password and security protection with which the file was provided to you. Any unauthorized use, dissemination or disclosure of this message or its attachments is strictly prohibited. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
