问题
I want to restrict access to a webapp running on a tomcat server by ip address.
Found out that I would have to use org.apache.catalina.valves.RemoteAddrValve and set it in a tomcat context.xml
But within my tomcat folder I have 4 of it:
\conf
\backup
\webapps\host-manager\META-INF
webapps\manager\META-INF
Where to I have to place my Rule?
回答1:
You have to choose context.xml which is under TOMCAT_HOME/conf/ if you want to apply this restriction to all webapps running on your tomcat.
Choose yourapp/META-INF/context.xml if you want to keep it only for application.
If the web application is packaged as a WAR then /META-INF/context.xml will be copied to $TOMCAT_HOME/conf/[enginename]/[hostname]/ and renamed to match the application's context path.
webapps\manager\META-INF => if you add restriction here, your tomcat manager will be restricted i.e. tomcat administration.
回答2:
Here is the configuration for RemoteAddressFilter
You can add the Valve to %CATALINA_HOME%\conf\server.xml
But if you need to filter by IPs I would recommend you use the firewall instead. That is what it is supposed to do in the first place
回答3:
it should be inside YOUR_WEBAPP/META-INF/context.xml
来源:https://stackoverflow.com/questions/11974820/restrict-tomcat-access-by-ip