mobileNavlogo
headerlogo

Security in JBoss

24 September, 2020

Ratings

Related Blogs

 

Security in JBoss

Securing Applications

Filtering clients by source IP addresses

Requiring authentication and authorization

Data transport integrity and confidentiality (SSL)

We will explore each one of these in turn

Filtering Clients by Source Limit access to web applications by client IP or hostname Configured through Tomcat Valves Different levels: <Engine> (global), <Host> (per virtual host), <Context> (per web application) <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="192.168.*,127.*" /> <Valve className="org.apache.catalina.valves.RemoteHostValve" deny="spamhost.com" />

Configured through a Servlet Filter

Simple implementation is provided by JBoss but servlet filters are Java EE AS-independent

To limit client access through Tomcat, add a desired <Valve> in <Engine> or <Host> elements within ${jboss.server.home.url}/deploy/jbossweb.sar/server.xml file

Limiting per web application can be still done through Tomcat by creating a <Context> file ${jboss.server.home.url}/deploy/<app>.war/WEB-INF/context.xml:

<Context>

<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="192.168.*.*" />

</Context>

To limit client access in a application-server-neutral way, configure a servlet filter in WEB-INF/web.xml file as follows:

<web-app ...>
...
<filter>
<filter-name>RemoteHostFilter</filter-name>
<filter-class>org.jboss.remotehostfilter.RemoteHostFilter</filter-class>
<init-param>
<param-name>allow</param-name>
<param-value>192.168.*,127.*</param-value>
</init-param>
</filter>

<filter-mapping>
<filter-name>RemoteHostFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
...
</web-app> 

A simple implementation of this filter can be found at http://community.jboss.org/wiki/LimitAccessToCertainClients

For indepth understanding on JBoss click on:

About Author
Authorlogo
Name

TekSlate

Author Bio

TekSlate is the best online training provider in delivering world-class IT skills to individuals and corporates from all parts of the globe. We are proven experts in accumulating every need of an IT skills upgrade aspirant and have delivered excellent services. We aim to bring you all the essentials to learn and master new technologies in the market with our articles, blogs, and videos. Build your career success with us, enhancing most in-demand skills .