Easy to Learn Java: Programming Articles, Examples and Tips

Start with Java in a few days with Java Lessons or Lectures

Home

Code Examples

Java Tools

More Java Tools!

Java Forum

All Java Tips

Books

Submit News
Search the site here...
Search...
 
Search the JavaFAQ.nu
1000 Java Tips ebook

1000 Java Tips - Click here for the high resolution copy!1000 Java Tips - Click here for the high resolution copy!

Java Screensaver, take it here

Free "1000 Java Tips" eBook is here! It is huge collection of big and small Java programming articles and tips. Please take your copy here.

Take your copy of free "Java Technology Screensaver"!.

Make your Tomcat More secure - limit network address for certain IP addresses

JavaFAQ Home » Networking Go to all tips in Networking


Bookmark and Share

How to run Tomcat only on one IP address?

Question: We run Tomcat on a powerful server with multiple ethernet cards and even more numerous IP addresses. We noticed that our web application on Tomcat server answers on the all network interfaces. It poses some security threat to our product. We would like to limit access to our Tomcat by just one network interface, let say eth2 (we have eth0, eth1, eth2, eth3) . Or by certain IP addresses. How we could accomplish this?

Answer: You could specify IP address on which your web application will be accessible. Look for the settings for particular connector, which this application uses. By connector I mean Tomcat connector -one of many that could be defined in server.xml file. This file is Tomcat server wide configuration file, contains main server settings and is placed under conf directory in Tomcat home directory. Typical example for a connector is HTTPS or HTTP connectors. Default server.xml file does contain only port number and no IP addresses. Add this parameter - ipaddress at any place within <Connector .... /> section of the server.xml file. For example like this:

<Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="5" maxSpareThreads="25" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true"clientAuth="false" sslProtocol="TLS" address="192.168.3.24"/>


 Printer Friendly Page  Printer Friendly Page
 Send to a Friend  Send to a Friend

.. Bookmark and Share

Search here again if you need more info!
Custom Search



Home Code Examples Java Forum All Java Tips Books Submit News, Code... Search... Offshore Software Tech Doodling

RSS feed Java FAQ RSS feed Java FAQ News     

    RSS feed Java Forums RSS feed Java Forums

All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest 1999-2006 by Java FAQs Daily Tips.

Interactive software released under GNU GPL, Code Credits, Privacy Policy