Tomcat Valve settings

Question

I\'m stuck with sort of a configuration issue I think. I need to protect a folder which is within my actual tomcat application from access from a certain IP range.

I

Answer 1

Had the same need as you (but for other reasons) last week and created a valve to block requests by path. It's based off of org.apache.catalina.valves.RequestFilterValve.

Usage:

The valve can be used in Engine, Host or Context just as any valve and is available on GitHub. http://github.com/xlson/tomcat-valves

I would suggest using the default tomcat valves or servlet filters in your application if that solves your problem. The reason we needed a custom valve was that some parts of the tomcat management application Psi-Probe would "leak out" even though we used the RemoteAddrValve in the element of the application.