我试图限制基于IP地址在tomcat服务器上访问哪些URL。我想要做的是允许通过环回地址(即localhost)访问tomcat时访问所有地方,并且只允许访问所有其他远程IP的某些区域。我在conf / web.xml中有以下两个过滤器,但它们的行为并不像我想的那样。现在所有远程访问被拒绝(不是我想要的),并且所有本地访问被允许(我想要的)。我无法让tomcat允许所有IP地址访问/ terms / ,/ help / 等。
任何指针都非常感激。
<!-- ================== Built In Filter Definitions ===================== -->
<filter>
<filter-name>Restrict Remote Filter</filter-name>
<filter-class>org.apache.catalina.filters.RemoteAddrFilter</filter-class>
<init-param>
<param-name>allow</param-name>
<param-value>\d+\.\d+\.\d+\.\d+</param-value> <!-- for any IP address, * not allowed here -->
</init-param>
</filter>
<filter-mapping>
<filter-name>Restrict Remote Filter</filter-name>
<url-pattern>/terms/*, /help/*, /messagebroker/*</url-pattern> <!-- allow access to these areas only -->
</filter-mapping>
<filter>
<filter-name>Allow Localhost Filter</filter-name>
<filter-class>org.apache.catalina.filters.RemoteAddrFilter</filter-class>
<init-param>
<param-name>allow</param-name>
<param-value>127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1</param-value> <!-- for localhost access… -->
</init-param>
</filter>
<filter-mapping>
<filter-name>Allow Localhost Filter</filter-name>
<url-pattern>/*</url-pattern> <!-- access all areas -->
</filter-mapping>
答案 0 :(得分:3)
<url-pattern>/terms/*, /help/*, /messagebroker/*</url-pattern>
为每个模式尝试单独的url-pattern,据我所知,字符“,”(逗号)不被识别为特殊字符,而是您网址的一部分。试试这个:
<url-pattern>/terms/*</url-pattern>
<url-pattern>/help/*</url-pattern>
<url-pattern>/messagebroker/*</url-pattern>