w3hello.com logo
Home PHP C# C++ Android Java Javascript Python IOS SQL HTML videos Categories
Tomcat Restrict Access to specific domain name only

You will not be able to block it completely: the TCP connection is done by the IP of the adress and there is no way to know which domain name was queryed to find that IP. Short of changing DNS, there is no absolute solution (and even then, you won't be able to block access by IP)

One way would be to block any request with a Host: different than exemple2.org. For exemple, with a custom Filter :

@Override
public void doFilter(ServletRequest request, ServletResponse response,
        FilterChain chain) throws IOException, ServletException {
    if (!request.getServerName().equals("exemple2.com")) {
        ((HttpServletResponse) response).sendError(403);
    } else {
        chain.doFilter(request, response);
    }

}

Or you could define 2/3 Hosts inside your tomcat. One Host as exemple2.com with your application and a default one wich sends only error page.

As I said, this is far from perfect as It could be easily bypassed by changing the Host header.





© Copyright 2018 w3hello.com Publishing Limited. All rights reserved.