RE: Restrict to specific IP's

Wed, 10 Mar 2004 11:54:06 -0800 

Hi Ralph,

You were absolutely correct.

In servers.xml, there's a line as follows:

         By default, DNS lookups are enabled when a web application calls
         request.getRemoteHost().  This can have an adverse impact on
         performance, so you can disable it by setting the
         "enableLookups" attribute to "false".  When DNS lookups are
         disabled request.getRemoteHost() will return the String version
         of the IP address of the remote client.

I didn't realize that the default was actually "enableLookups=false".  I
changed this to "true" and it works fine. As a side note -- any idea why
access control allow/deny lists are by regular expression, and not just by
standard wildcard?  allow="*.cs.yorku.ca" doesn't work -- you need to do
".*cs.yorku.ca".

Also -- if I specify an invalid wildcard like "*.cs.yorku.ca" in the
context configuration file, the server obviously doesn't load the context,
giving this reason:

SEVERE: Error deploying configuration descriptor jas.example1.xml
java.io.IOException: java.lang.IllegalArgumentException: Syntax error in
request filter pattern *.cs.yorku.ca

However, how can I get it to try reloading the context without using
the manager or restarting the server? Removing the context file, and
replacing it doesn't do anything.   You can't undeploy/stop/start since it
hasn't been "deployed".  Ideas?

Thanks for your help ..

Jason.

On Wed, 10 Mar 2004, Ralph Einfeldt wrote:

> Do you have dnslookups enabled/disabled ?
>
> If this is disabled the hostname ist the IP.
>
> > -----Original Message-----
> > From: Jason Keltz [mailto:[EMAIL PROTECTED]
> > Sent: Wednesday, March 10, 2004 4:43 PM
> > To: Tomcat Users List
> > Subject: RE: Restrict to specific IP's
> >
> > However, something interesting to note -- RemoteHostValve
> > works if I refer to IPs and *not* hostnames!
> > Isn't that odd?  I thought RemoteHostValve
> > was for hostname, and RemoteAddrValve works for IP.
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to