Tim Booth wrote: > Hi Mark and Guru, > > Many thanks for both your replies. > > Mark Thomas <[EMAIL PROTECTED]> wrote: >> The allow and deny fields take regular expressions. '.' is reserved >> and needs to escaped. Take a look at the java.util.regex javadoc > > OK, I was going by the info found here: > http://tomcat.apache.org/tomcat-5.5-doc/config/host.html#Request%20Filters That needs to be updated.
<snip /> >> <!-- Default rule - Restrict most services to trusted hosts: >> localhost and texugo --> >> <Context path=""> >> <Valve className="org.apache.catalina.valves.RemoteAddrValve" >> allow="127.0.0.1,192.171.160.155,192.171.160.186" >> deny=""/> >> </Context> >> >> <!-- I want to allow public access to the front page on the site --> >> <Context path="/ROOT" > >> <Valve className="org.apache.catalina.valves.RemoteAddrValve" >> allow=".*" deny="" /> >> </Context> This won't work. There is no context path /ROOT. The root webapp is referenced using a context path of "". I have recently used the RemoteAddrValve to lock down a context to a couple of specific IPs and subnets and it works as expected. You don't need to configure an allow all rule since that happens by default. For the contexts you want to limit, add the appropriate RemoteAddrValve settings. HTH, Mark --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]