I'm extremely new to tomcat but I need to configure my company's tomcat server so that we can allow restricted IP addresses only.
I understand this is normally the job of the firewall but in this case that is not an option.
We are doing a deployment to the production server and while that's happening we need to be able to show a maintenance page run by Apache which rests in the same server as tomcat.
In this case, what would I need to do in order to only allow access to selected ip addresses to the whole tomcat server?
Best Answer
Take a look at Tomcat's Remote Address Filter:
Edit: Which file to edit depends on whether you want the filter to apply to a single webapp or to all of them. From the same page linked above:
Edit 2: Here's an example for 3 IPv4 addresses: