Andre, Tim,
Thanks for the feedback on the regex.
I don't think I can nest a <valve> inside a <context>
<Context path="/mywebapp" docBase="mywebapp" debug="0"
privileged="true"
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="176\.24\..*" />
/>
I tried and I get error in the log file such as the following.
Jul 8, 2009 7:29:46 AM org.apache.tomcat.util.digester.Digester fatalError
SEVERE: Parse Fatal Error at line 145 column 7: Element type "Context" must be
followed by either attribute specifications, ">" or "/>".
org.xml.sax.SAXParseException: Element type "Context" must be followed by
either attribute specifications, ">" or "/>".
at
com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:195)
According to this website:
http://www.oxxus.net/tutorials/tomcat/tomcat-valve.htm they claim a Remote
Address Filter can be associated with a Engine, Host or Context container. I
have an old Tomcat book from version 4.0 that says nothing about being able to
nest a valve inside a Context. The book I have says only Loader, Logger,
Manager, Realm and Resource can be nested components of a Context. I need a
new book.
I'm running 6.0.20 on Windows 2003 Server, using the zip file version.
So I look at my code again and notice I have it messed up.
I changed it to the following, no more errors in the catalina log.
<Context path="/mywebapp" docBase="mywebapp" debug="0"
privileged="true">
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="176\.24\..*" />
</Context>
Sometimes it helps to think it out loud.
-----Original Message-----
From: André Warnier [mailto:[email protected]]
Sent: Wednesday, July 08, 2009 7:14 AM
To: Tomcat Users List
Subject: Re: RemoteAddressValve
Leo Donahue - PLANDEVX wrote:
...
>
> <Valve className="org.apache.catalina.valves.RemoteAddrValve"
> allow="176.24.*.*"/>
>
I don't know about the context in which you can use this, but about the above,
your "allow" attribute is incorrect.
It should be :
"A comma-separated list of /regular expression patterns/ that the remote
client's IP address is compared to."
If I understand correctly which addresses you are trying to allow, then the
following would be better :
allow="176\.24\..*"
Quick tips : in a regexp,
- an unescaped "." means "any character".
- ".*" means "any character, any number of times" (0 to infinity)
- "\." is a "real dot" (escaped by the \, it loses its special meaning and just
represents the character "."
Check any on-line Regular Expressions tutorial for more information.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
