This documentation is for WSO2 API Manager 2.1.0. View documentation for the latest release.

All docs This doc

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: fixed the path <PRODUCT_HOME>/repository/conf/tomcat/context.xml

...

  • To control access only to the Management Console, add the IP addresses to the <PRODUCT_HOME>/repository/conf/tomcat/carbon/META-INF/context.xml file as follows:

    Code Block
    <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="<IP-address-01>|<IP-address-02>|<IP-address-03>"/>

    The RemoteAddrValve Tomcat valve defined in this file only applies to the Management Console, and thereby all outside requests to the Management Console are blocked. 

  • To control access to all Web applications deployed in your server, add the IP addresses to the <PRODUCT_HOME>/repository/conf/tomcat/context.xml file as follows.

    Code Block
    <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="<IP-address-01>|<IP-address-02>|<IP-address-03>"/>

    The RemoteAddrValve Tomcat valve defined in this file applies to each Web application hosted on the WSO2 product server. Therefore, all outside requests to any Web application are blocked.

  • You can also restrict access to particular servlets in a Web application by adding a Remote Address Filter to the <PRODUCT_HOME>/repository/conf/tomcat/web.xml file and by mapping that filter to the servlet URL. In the Remote Address Filter that you add, you can specify the IP addresses that should be allowed to access the servlet. The following example from a web.xml file illustrates how access to the Management Console page (/carbon/admin/login.jsp) is granted only to one IP address.

    Code Block
    <filter>
        <filter-name>Remote Address Filter</filter-name>
        <filter-class>org.apache.catalina.filters.RemoteAddrFilter</filter-class>
            <init-param>
                <param-name>allow</param-name>
                <param-value>127.0.01</param-value>
            </init-param>
    </filter>
    
    <filter-mapping>
        <filter-name>Remote Address Filter</filter-name>
        <url-pattern>/carbon/admin/login.jsp</url-pattern>
    </filter-mapping>

...