Topic
IC4NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
5 replies Latest Post - ‏2012-07-13T14:48:08Z by Sunit
G.K.Munappy
G.K.Munappy
1 Post
ACCEPTED ANSWER

Pinned topic How to prevent admin URL to acccess it only from intranet

‏2011-01-25T06:39:45Z |
We have got a J2EE application deployed on IBM websphere application server 6.1 ND and accessed using IBM HTTP Server 6.1.Currently application is exposed over internet and accessed by users using one url and admin module is accessed by admin using another url.How do we prevent admin users acccessing from internet.Admin module should be accessed from intranet only.Is there any way to do it either on web server / application server or network to give acccess to admin module only from intranet.
Can any body suggest a solution?
WIth Thanks & Regards
Gopinathan K.Munappy
Updated on 2012-07-13T14:48:08Z at 2012-07-13T14:48:08Z by Sunit
  • gas
    gas
    44 Posts
    ACCEPTED ANSWER

    Re: How to prevent admin URL to acccess it only from intranet

    ‏2011-01-25T21:15:21Z  in response to G.K.Munappy
    Hi,

    If it is in separate web module then don't map this module to web server.
    If it is in one web module, you will have to somehow block the full url to the admin part, depends how the application is built.
    • GopinathanK.Munappy
      GopinathanK.Munappy
      1 Post
      ACCEPTED ANSWER

      Re: How to prevent admin URL to acccess it only from intranet

      ‏2011-01-26T13:11:44Z  in response to gas
      First of all I DO thank you for your response.
      I like add few more facts related to the application.
      Whole application including admin in deployed as a single EAR file.Only URLs are different to access the user application and admin application.
      I did not understand when you mentioned "somehow block the full url to the admin part".Please do eloborate.

      With Thanks & Regards
      Gopinathan K.M
      • gas
        gas
        44 Posts
        ACCEPTED ANSWER

        Re: How to prevent admin URL to acccess it only from intranet

        ‏2011-01-26T16:37:04Z  in response to GopinathanK.Munappy
        In one EAR file you may have many WAR files (web modules) then each one may have different root context, in that case you could be able to remove context from plugin-cfg.xml.

        If it is all in one web module, post some sample urls for your normal module and admin module.

        By blocking url I was thinking about using Location, like this:
        <Location /status>
        SetHandler server-status
        Order Deny,Allow
        Deny from all
        </Location>

        but I'm not sure whether it would work.
        • SystemAdmin
          SystemAdmin
          3908 Posts
          ACCEPTED ANSWER

          Re: How to prevent admin URL to acccess it only from intranet

          ‏2012-07-11T17:41:32Z  in response to gas
          HI All,

          Facing the same problem.. If some one have an answer for the question please respond.

          Thanks in Advance

          Sakthi
          • Sunit
            Sunit
            194 Posts
            ACCEPTED ANSWER

            Re: How to prevent admin URL to acccess it only from intranet

            ‏2012-07-13T14:48:08Z  in response to SystemAdmin
            1. If the admin module is a separate war than the user module then you have an option of not mapping the admin module to Internet facing web server.

            2. If both modules are part of the same root context but different sub-directories under it then use mod_rewrite to allow access to this only from a list of internal IP addresses.

            • Sunit