It should go inside your <Context>
element in server.xml:
<Context
path="/tcadmin"
docBase="${catalina.home}/server/webapps/admin"
privileged="true"
>
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127.0.0.1"
/>
</Context>
Just remember, that the string values are regex patterns, so special regex characters ( e.g. dot(.) ) has to be escaped with backslashes.
EDIT: in reply to OP's comment.
I think you need to implement a FILTER in your web app and configure it to accept or reject requests based on their remote address IP. Remote address can be retrieved from ServletRequest
object passed into doFilter
method.
You declare a filter in your web.xml file:
<filter>
<filter-name>GatekeeperFilter</filter-name>
<filter-class>your.package.GatekeeperFilter</filter-class>
<init-param>
<param-name>allowedNetwork</param-name>
<param-value>192.168.2.*</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>GatekeeperFilter</filter-name>
<url-pattern>/path/to/protected/folder</url-pattern>
</filter-mapping>
Read the linked article about what need to be done to accept init parameters. I think for your decision making you can shamelessly copy the code from the RequestDumperValve.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…