Hi; Thanks for your interest. Yes, I realized context idea once i read the documentation.I must admit the hierarchy is weird but it's a custom installer of a site that installs on Windows machine. There is no Tomcat manager console in place (at least I didn't see/enable).
The hierarchy is as this: <programnameunderCdriveProgramFiles>tomcat/webapps/ROOT/WEB-INF and under WEB-INF, there is jsp folder in which it covers the jsp pages of admin that i want to filter out for a particular IP. I think, there is no concern to make the change in server.xml because there will be absolutely one web application under this Tomcat. So, the change can be application-wide i guess. For just testing, within the given valve above, i can filter out index.jsp which is in the path, <programnameunderCdriveProgramFiles>/tomcat/webapps/ROOT/ and i can filter that particular file successfully but fail to filter <programnameunderCdriveProgramFiles>/tomcat/webapps/ROOT/WEB-INF/jsp/admin folder. Thanks for your help. Regards. 2014-09-25 14:52 GMT+02:00 Christopher Schultz <ch...@christopherschultz.net >: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Baran, > > On 9/24/14 5:04 PM, Baran Topal wrote: > > Hi, following works under server.xml > > > > <Context path="/index.jsp" reloadable="true"> <Valve > > className="org.apache.catalina.valves.RemoteAddrValve" > > deny="127\.0\.0\.1"/> </Context> > > Yes, it will work, but declaring a <Context> in server.xml is a Bad > Idea. It's better to use a META-INF/context.xml file, or, even better, > a file in CATALINA_BASE/conf/[engine]/[host]/[webapp].xml > > > But, i need to hide my admin directory containing admin.jsp pages > > (more than 1 jsp page) > > The above configuration will deny all users from localhost (but only > using IPv4) for all URL patterns matching your /index.jsp context (why > in the world would you have a context path /index.jsp?). > > Something tells me you are seriously misconfiguring this server. > > > My admin directory is in WEB-INF and WEB-INF is in the same level > > with /index.jsp but simply, not working when i ref. the context as > > /WEB-INF/admin > > No remote client should be able to directly access anything in > /WEB-INF/ unless you have really done some damage to your server. > > - -chris > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > Comment: GPGTools - http://gpgtools.org > > iQIcBAEBCAAGBQJUJA/9AAoJEBzwKT+lPKRYeTYP/ArKK6QUQvbLTpIOWn4Pg4Ha > Uys9JOuv0nCLHXj3B7Y21vRwc0fuRvfdjN4J0VML+K0kWUqt4Tp8AkDBTSG7yD2P > tIsUXUUlcOpa1p998d3xtdkLcHQpTkn7nhpcnJwcOQqUUFesKwP9HYNBQI5m5pKX > s/IcX1cj0AV2rXMjOBK1RWU7WZPQGUVR2RRNtVS0Nc4w9RlYyjQjA+hBxpUFG1HS > 91OdkcX7sJxerlsIAfewTdYZ1oVd/3KGFlj+zSFcv9E17sOdpvBy+HuFdU9kGkQF > QDCBagmoFNrZmzPktNC0r5BXn1RDOdZ2wAsI9D+ZQyTTG4CPdXZvJRflRIX1QWZe > jjj8ZhlAH2nrLuKHNnwqWY9KK9GHc7+zs3H6hfe7JuJ/i8Z5u2lwrfK7DpquyUK+ > gcircWL0dEmosmvNWfm3/G+MvyudgUrDihgiuYZY2s1g5CWRr48TAkhEadr4cdOb > OOMcVTQOyzPLkeNA+5vBBDDEn3dzUq42Semds3HNByumM7Z7/DkALFQ0FYLxk6wd > spjeYFZP1IFjq5R8Ipdr0NngCmoVzqSnBowYgayvBfIO8P89u6i1Q0KjsL1SVefx > RmpJhevt/TSPcHurQpM/4tSQnQQqOXorTkAnKxw6csDiaY7IDEtBnTti2dIMe2Ny > yOF8Ee0Tn2XgILN24ogQ > =JV6J > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >