Kang Woo Lee

Reputation: 1

About a way of filtering the access to web pages based on IP address

I am managing a server that provides web administration pages and communicates with client apps. I designed the web part, which allows public access through port 80. However, I was told by my client that they want the server to allow access only from their intranet, not from outside the company. I thought it could be done if Tomcat had the ability to filter access to web pages based on IP address. However, I ended up failing to find a proper solution for that. I know Tomcat already provides a filtering function according to a web project. I came up with a way of getting around this problem and used it as follows: I make two service tags in server.xml like

<Service name="Catalina">
  <Connector port="80" ... />
  ...
</Service>

<Service name="Catalina2">
  <Connector port="8080" ... />
  ...
</Service>

And I make another clone for the additional service. Then, I block all external access through port 8080 with the firewall set-up. This lives up to my client's needs. However, this is not a common way, I guess. Sometimes the setting even allows external access, which shouldn't happen. On top of this, it's not an efficient way from a maintenance point of view.

Anyhow, I don’t like it. It would be appreciated if someone told me the way. Thanks for reading the question.

Upvotes: 0

Views: 623

Answers (1)

icza

Reputation: 418137

A first step to IP filtering would be to configure your firewall / router.

You can also implement easy IP filtering in Servlet containers by creating a javax.servlet.Filter.

You can map the filter using wildcards (*) to have all requests go through it and in the filter you can check the client's IP and block / deny serving the request based on your own rules.

Tomcat also comes with some built-in Filters. You might wanna take a look at them:

Apache Tomcat 8 Container Provided Filters

The built-in filters include Remote Address Filter, Remote Host Filter and Remote IP Filter (for proxies). These are mostly configurable with regular expressions and may be enough for your needs.

Upvotes: 1
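
The custom javax.servlet.Filter approach from the answer above, as an added example that is not part of the original answer or of Tomcat's own code. The class name IntranetOnlyFilter and the listed ranges are assumptions, and it matches CIDR prefixes instead of the regular expressions the built-in filters use.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.util.Arrays;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletResponse;

// Added example (hypothetical class): serve requests only to allowed address ranges.
@WebFilter("/*") // wildcard mapping: every request passes through this filter
public class IntranetOnlyFilter implements Filter {

    // Constructed sample ranges (assumption); replace with the real intranet CIDRs.
    private static final String[] ALLOWED =
            { "10.0.0.0/8", "192.168.0.0/16", "127.0.0.1/32", "::1/128" };

    @Override public void init(FilterConfig cfg) {}
    @Override public void destroy() {}

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        // getRemoteAddr() is the TCP peer. Behind a reverse proxy it is the proxy's
        // address, which is the case the built-in Remote IP Filter exists for.
        String remote = req.getRemoteAddr();
        if (Arrays.stream(ALLOWED).anyMatch(cidr -> inCidr(remote, cidr))) {
            chain.doFilter(req, res);
        } else {
            ((HttpServletResponse) res).sendError(HttpServletResponse.SC_FORBIDDEN);
        }
    }

    // True when addr lies inside cidr (IPv4 or IPv6); any parse error fails closed.
    static boolean inCidr(String addr, String cidr) {
        try {
            String[] parts = cidr.split("/");
            byte[] a = InetAddress.getByName(addr).getAddress();
            byte[] n = InetAddress.getByName(parts[0]).getAddress();
            int bits = Integer.parseInt(parts[1]);
            // Different address family or impossible prefix length: no match.
            if (a.length != n.length || bits < 0 || bits > a.length * 8) return false;
            for (int i = 0; i < a.length && bits > 0; i++, bits -= 8) {
                int mask = bits >= 8 ? 0xFF : (0xFF << (8 - bits)) & 0xFF;
                if ((a[i] & mask) != (n[i] & mask)) return false;
            }
            return true;
        } catch (Exception e) {
            return false; // malformed address or CIDR: deny
        }
    }
}
```

The filter is deployed inside the web application, so a single Service and Connector in server.xml is enough; the firewall rule remains the first line of control.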
