Tomcat: Restrict access to localhost for /just one/ webapp

Question

I\'m running Tomcat 6 to serve several web apps, most of which are public-facing. But I\'d like to restrict access to just one webapp, allowing connections only from l

Answer 1

Allowing localhost didn't work for me. I use RemoteAddrValve instead. Keep in mind that some systems use IPv4 addresses (your filter has to match match 127.0.0.1) while others use IPv6 addresses (match the full address, not abbreviated notations like ::1).

The attribute allow takes a regexp, so dots need to be escaped. As explained by Dmitry Negoda, this goes in /META-INF/context.xml.