Thanks for all your help and I have gotten it to work. It seems to be, however, dependant on the name it is being access by. I was hoping that I could just put 127.0.0.1 in there and then it would only accept connections from the local machine. It turns out that doing this only accepts connections that come in with this name.
To clarify what I mean, here is an example: Say Tomcat is on a machine called TestMachine. If I put "127.0.0.1" in the address field, it accepts connections of the form "http: //127.0.0.1/..." only It does not accept connections from "http: //TestMachine/...", even though the server is this same machine. I was hoping that it would accept all connections from the local machine, regardless of what the connection was called. Is there a way to do this? Is this be design? Can IP spoofing get around this protection? Mark -----Original Message----- From: Leo Donahue - PLANDEVX [mailto:[EMAIL PROTECTED] Sent: Thursday, June 08, 2006 2:13 PM To: Tomcat Users List Subject: RE: [SPAM:] - RE: Restricting access to localhost for an HTTP connector - Email has different SMTP TO: and MIME TO: fields in the email addresses In your server.xml you will add an address element and specify it as: 127.0.0.1 <!-- Define a non-SSL Coyote HTTP/1.1 Connector on the port specified during installation --> <Connector address="127.0.0.1" port="8080" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" redirectPort="8443" acceptCount="100" debug="0" connectionTimeout="20000" disableUploadTimeout="true" /> Leo ________________________________ From: Mark Claassen [mailto:[EMAIL PROTECTED] Sent: Thursday, June 08, 2006 10:51 AM To: 'Tomcat Users List' Subject: [SPAM:] - RE: Restricting access to localhost for an HTTP connector - Email has different SMTP TO: and MIME TO: fields in the email addresses Thanks. I thought I heard that it was possible though the address, but was not sure. I read this in the docs, but I guess I didn't / don't understand the short explanation of "address". ________________________________ From: Filip Hanik - Dev Lists [mailto:[EMAIL PROTECTED] Sent: Thursday, June 08, 2006 1:24 PM To: Tomcat Users List Subject: Re: Restricting access to localhost for an HTTP connector yes, you can bind the connector the 127.0.0.1, meaning it will only listen on that address use the "address" attribute in the connector http://tomcat.apache.org/tomcat-5.5-doc/config/http.html Mark Claassen wrote: Is there to configure an HTTP Connector to only allow connections from localhost? We have a server that has an HTTPS port that handles all public access. However, we would like to leave a non SSL port open for a monitoring program we have running on the same machine. We would like to not allow anyone else to be able to access the non-SSL port. I know that the apache webserver has mechanism to do this, but I was wondering if a standalone tomcat could also do what we need. Thanks, Mark --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Filip Hanik --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
