Add this to web.xml
<filter>
<filter-name>AccessControl</filter-name>
<filter-class>package.AccessControl</filter-class> </filter>
<filter-mapping> <filter-name>AccessControl</filter-name> <url-pattern>/directoryName/*</url-pattern> </filter-mapping>
import java.io.IOException; import java.util.Properties;
import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse;
/** * @author haim */ public class AccessControl implements Filter {
/* (non-Javadoc)
* @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
*/
public void init(FilterConfig arg0) throws ServletException {
System.out.println("Init AccessControl");
}
/**
* Filter the pages accessing back office by their IP address prefix.
* The following must be set in order to keep this filter working
* 1. Setting of the filter in the web.xml file
* 2. Defining address prefix in the main.properties file by defining the
* key access.filter
* @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpReq = (HttpServletRequest) request;
HttpServletResponse httpResp = (HttpServletResponse) response;
String remoteAddress=request.getRemoteAddr();
System.out.println("Backoffice Access request from "+ remoteAddress);
//allow only ip's starting with 10.0.
if(remoteAddress.startsWith("10.0.")){
System.out.println("Access aproved");
}else{
System.out.println("Access rejected!");
httpResp.sendError(HttpServletResponse.SC_FORBIDDEN);
}
/*
* Process the rest of the filter chain, if any, and ultimately
* the requested servlet or JSP page.
*/
chain.doFilter(request, response);
}
}
Regards Haim Jobish P wrote:
Hi all,
I am a newbie to Tomcat. I have installed Tomcat 5.0.19 on Redhat LInux 9, and going fine. I would like to restrict some of my directories to certain IP's only, say a range of IP. How can I restrict access to a directory in /tomcat/webappas/ROOT on the basis of IP ? I tried with valves, but not sure how to restrict the restriction only to particular directories.
It will be of nice if you could provide a solution,
cheers, ------------------------------------------------------------------------------- JOBISH P NCSI Indian Institute of Science Bangalore-12 --------------------------------------------------------------------------------
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]