3 Replies Latest reply on Nov 6, 2004 8:54 AM by Mike Finn

    Restricting access

    Tim Christensen Newbie

      Is there a way to configure JBoss so that it only accepts requests coming from the localhost? I only want it to accept requests from my proxy server on the same machine.

        • 1. Re: Restricting access
          De Smet Christophe Newbie

          By definition, a server only listening for incoming requests on a determined port (8080 by default for JBoss)! So all request coming on this port will be treated.

          What you have to do is configure your FW so that it intercepts all requests coming on this port (8080). So, you "just" need to configure the filtering-logic you want in your FW...

          • 2. Re: Restricting access
            Bernd Zeitler Expert

            You can even use e.g. SSL communication from proxy to server. Use a certificate for your client (proxy) which is needed for the so configured bean access.

            • 3. Re: Restricting access
              Mike Finn Apprentice

              Depending on your needs, the simple solution might be to write a servlet filter and define it in web.xml in the tomcat deployment (tomcatXX.sar/web.xml. A filter defined here will be be in the chain for every incoming request. That filter could just issue a 401 if the remote address is not that of the local box.

              Too bad Tomcat doesn't have ACL config directives like Apache. That would be another easy way to solve this.