59 |
brianR |
1 |
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
2 |
<section xmlns="http://docbook.org/ns/docbook" version="5.0"
|
|
|
3 |
xmlns:xi="http://www.w3.org/2001/XInclude"
|
|
|
4 |
xmlns:xlink="http://www.w3.org/1999/xlink">
|
|
|
5 |
|
|
|
6 |
<section>
|
|
|
7 |
<title>Installation</title>
|
|
|
8 |
<para>tbd.</para>
|
|
|
9 |
<para>Sun Java SE 1.6.0</para>
|
|
|
10 |
<para>Apache Tomcat 7</para>
|
|
|
11 |
<para>tbd.</para>
|
|
|
12 |
<para>In short: Deploy .WAR file to Apache Tomcat</para>
|
|
|
13 |
<section>
|
|
|
14 |
<title>Securing with Basic Authentication</title>
|
|
|
15 |
<para>There is a quick guide explaining Basic Authentication for Tomcat here: <link
|
|
|
16 |
xlink:href="http://oreilly.com/pub/a/java/archive/tomcat-tips.html?page=1">
|
|
|
17 |
http://oreilly.com/pub/a/java/archive/tomcat-tips.html?page=1</link>
|
|
|
18 |
</para>
|
|
|
19 |
<para>
|
|
|
20 |
|
|
|
21 |
</para>
|
|
|
22 |
</section>
|
|
|
23 |
<section>
|
|
|
24 |
<title>Limit access to</title>
|
|
|
25 |
<para>Sometimes you'll only want to restrict access to to
|
|
|
26 |
only
|
|
|
27 |
specified host names or IP addresses. This way, only
|
|
|
28 |
clients at
|
|
|
29 |
those specified addresses can use the web services.
|
|
|
30 |
Tomcat provides
|
|
|
31 |
two configuration values for that:
|
|
|
32 |
RemoteHostValve and
|
|
|
33 |
RemoteAddrValve.</para>
|
|
|
34 |
<para>These Valves allow you to filter requests by host name or
|
|
|
35 |
by IP
|
|
|
36 |
address, and to allow or deny hosts that match. The
|
|
|
37 |
example below
|
|
|
38 |
restricts access to the ArchiveService from any
|
|
|
39 |
machine that is not
|
|
|
40 |
the local host.</para>
|
|
|
41 |
<programlisting language="xml"><Context
|
|
|
42 |
path="/XService/ArchiveService"
|
|
|
43 |
...> <Valve
|
|
|
44 |
className="org.apache.catalina.valves.RemoteAddrValve"
|
|
|
45 |
allow="127.0.0.1" deny=""/> </Context>
|
|
|
46 |
</programlisting>
|
|
|
47 |
<para>If no allow pattern is given, then patterns that match
|
|
|
48 |
the deny
|
|
|
49 |
attribute patterns will be rejected, and all others
|
|
|
50 |
will be allowed.
|
|
|
51 |
Similarly, if no deny pattern is given,
|
|
|
52 |
patterns that match the
|
|
|
53 |
allow attribute will be allowed, and
|
|
|
54 |
all others will be denied.
|
|
|
55 |
</para>
|
|
|
56 |
<para>The <context> element must be placed into the
|
|
|
57 |
server.xml
|
|
|
58 |
file (into <engine><host>).</para>
|
|
|
59 |
</section>
|
|
|
60 |
</section>
|
|
|
61 |
</section>
|