In fact, what I really want is to prevent any other IIS or Apache to connect to my 8009 connector port, for my IIS machine is used for authentication. I don't want that someone can bypass this.
I tried to use a Request Filter valve by adding this in my server.xml : <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="ip_address_of_my_iis_server"/> But it doesn't work. Even if my clients don't connect directly to my Tomcat server (only my IIS server does, and i can verify this by using the netstat command), they are blocked by this valve. It seems that my IIS tells Tomcat that its IP adress is my client's one. Maybe that's why my clients IP addresses are logged in Tomcat when this valve is disabled. So now this valve is not enabled anymore, and if someone installs a web connector pointing to my Tomcat server, it will have access to my webapps... Any help will be appreciated. Fred -----Message d'origine----- De : SANTOS, DANIEL (SBCSI) [mailto:[EMAIL PROTECTED] Envoyé : vendredi 18 mars 2005 18:22 À : Tomcat Users List Cc : MAES NICOLAS Objet : RE: Tomcat behind IIS sure, just go into your server.xml and remove the web connector <Connector port="8080" /> I'm using the minimal server.xml (slightly modified) so there may be more parameters in yours. This element is contained with in the <Service> tag which is in the <Server> tag. Daniel -----Original Message----- From: VAN DER MARLIERE FREDERIC [mailto:[EMAIL PROTECTED] Sent: Friday, March 18, 2005 10:58 AM To: tomcat-user@jakarta.apache.org Cc: MAES NICOLAS Subject: Tomcat behind IIS Hi all, I installed a tomcat 5.0 behind an IIS server. Everything works fine with the connector. Now, I would like that Tomcat only accepts connections from this IIS server and not from others computers (still accessible from http://myhost:8080/myApplication <http://myhost:8080/myApplication> ). Is there a simple way to do this in server.xml (or other tomcat config files) or do I have to install a firewall ? Thanks in advance. Fred. ---------------------------------------------------- Ce message et toutes les pieces jointes (ci-apres le "message") sont confidentiels et etablis a l'intention exclusive de ses destinataires. Toute utilisation ou diffusion non autorisee est interdite.Tout message electronique est susceptible d'alteration. Le CREDIT DU NORD et ses filiales declinent toute responsabilite au titre de ce message s'il a ete altere, deforme ou falsifie. This message and any attachments ( the "message") are confidential and intended solely for the addressees. Any unauthorised use or dissemination is prohibited.E-mails are susceptible to alteration. Neither CREDIT DU NORD nor any of its subsidiaries or affiliates shall be liable for the message if altered, changed or falsified. ---------------------------------------------------- ---------------------------------------------------- Ce message et toutes les pieces jointes (ci-apres le "message") sont confidentiels et etablis a l'intention exclusive de ses destinataires. Toute utilisation ou diffusion non autorisee est interdite.Tout message electronique est susceptible d'alteration. Le CREDIT DU NORD et ses filiales declinent toute responsabilite au titre de ce message s'il a ete altere, deforme ou falsifie. This message and any attachments ( the "message") are confidential and intended solely for the addressees. Any unauthorised use or dissemination is prohibited.E-mails are susceptible to alteration. Neither CREDIT DU NORD nor any of its subsidiaries or affiliates shall be liable for the message if altered, changed or falsified. ---------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]