Software :: Restricting Specific Project Out Side Web Access In Tomcat6?
May 26, 2011
i installed tomecat6 in Linux server i deployed xyz.war file and jkmonunt in Apache this is for out side usage recently i deployed one more war abc.war i din't mount in apache this is internel application usage purpuse in my application i tried to call this abc.war (http://X.X.X.X:8080/abc/abc.war) but i am unable to access this folder i checked the iptable rules i gave access permission in 8080 port.
I wanted to restrict users within a particular folder say /var/lib/tomcat/webapps. I want the users to see all subfolders inside webapps and work with it (edit+read but no delete). I understood that chroot is the way, and i read this [URL] community discussion, but what i understand out of it is, they are trying to give a complete working installation of ubuntu to the user within a directory which i dont want to.
I have a desktop (picard), and I want to be able to connect to it from my sisters laptop (zuma) to quickly scp files from my machine to hers. At the same time I don't want the whole world to be able to connect to my machine via SSH. We're connected through a router. I've tried adding the line
"ListenAddress 192.168.0.0"
to /etc/ssh/sshd_config, but this prevents me from being able to connect to my machine from another on the network. From my understanding of the ListenAddress directive, I would assume "ListenAddress 192.168.0.0" would allow my sister's address through (192.168.0.192).
In my office i want to setup a Linux machine for public usage , in this machine i want to restrict/deny access to certain applications (ex:- k3b, xterm , pdf reader etc) for certain users/group of users as per the office policies.
1)By what method/procedure i can achieve this objective ?
I have an internet and mail server installed CentOS, and I want to restrict client machines to access a certain website, e.g. if i want restrict users from accessing the website: www.mydomain.com, How do I do it?
I have a small home network with a router to the outside world and an ubuntu server through which traffic passes first.My ISP limits my download usage during the day, which traditionally has not been an issue, but now the children come in from school, boot up the internet and up goes my usage!Ideally I would like to be able to restrict them to IM and maybe certain specified URLs (I think the latter probably needs to use Squid though?). Once the download limits are lifted, I would like my iptables to allow HTTP, etc, but pretty much block most other things.
I have two sets of iptables currently to approach this issue, with a cron job that runs to swap between one and the other.Chains run in order, so if rule A says allow x, and rule B says drop all, then X should still be allowed. However, try as I may, this is not what happens in practice. I have even tried changing the overall order from ALLOW to DROP in FORWARD and then approach from the other angle. That didn't work either. *IS* it actually possible to block all but http / https and IM? These are myrules:
Code:
# Generated by iptables-save v1.4.4 on Sat Jan 9 19:15:49 2010 *nat :PREROUTING ACCEPT [583:45175] :POSTROUTING ACCEPT [694:60887] :OUTPUT ACCEPT [143:18642]
Is there a way to restrict users that are logged into the shell via SSH/Telnet/SFTP from using the 'cd' command to move into certain directories, yet not use the chmod command to do it? For instance, restrict users logged in from accessing the /var/www/ folder but have it still accessible using a web browser. Also, would this defeat the purpose since they could just wget from it if its still web accessible through a browser?
Every developer in our organization has access to a single development server and all development ( other than basic experimentation ) is done on this server. This is primarily because there are several interdependent systems and having copies of these systems on each developers machine slows that machine down to the extent of making it completely unusable. All developers access this development server using ssh. Of course this implies that scp will also work as the sshd daemon is running making data vulnerable.
We are currently attempting to secure the code and data on this server from unauthorized copying and transfer.
Currently I am attempting to set up virtual machines on each developer machine that can then be used to connect to the development server. I have created a shell that does nothing but allow for the typing of one command that simply transfers ( ssh login ) the user onto the development server.
I am using virtualBox and ubuntu mini to achieve this.
Problems: The first question is if this is a reasonable way to achieve what I am attempting to. Is there a better way?
The others is more in terms of the set-up: I am attempting to resize the virtualBox console. I tried this by editing grub. Although I am able to resize the screen at start-up the entire screen goes back to ( what I believe is 800x600 ) after the Ubuntu splash screen.
The virualBox seems to have completely messed up the keyboard detection how can I rectify this?
The other is regarding the restricting of shell access I have currently done this by removing access to /bin/ for normal users. Is this secure enough or is there a better way?
I'm having trouble mounting my mac partition of my HD on the linux side while it's running on Parallels(a VM for mac). I've tried using the GUI and the terminal with no success... Honestly I have no clue what I'm doing. I've tried to follow other forums about it, but the stuff out there is out dated, I mean like 2006-2007... I'm running Snow Leopard osx 10.6.4. It shows "Failed to receive share list from server" when I click on the mac partition in the network GUI, to try and veiw the files. When I try to mount through terminal, it says "No such file or directory."
I have a shared system. One half Linux and the other Windows. I recently did an upgrade to Windows 7 and now I cannot access the internet on the Windows side, and I cannot find the driver?? In Ubuntu I can only access via wireless not through the ethernet network adapter. The motherboard is abit nf8v. Sorry, more of a Windows question as to Linux.
I have one requirement i.e I want to call the java file from the php function using shell_exec command , i am using the chroot jail concept , if i using this command i am getting the empty file because java environment is outside the chroot jail,so how to access the the files those are out side the chroot jail.
How would I use a unix grep regular expression to find any two capital letters side by side and how would I find an expected comma in an expected spot?
I have two (or more) video files that I want to play side by side. I could do that simply by opening them in two seperate windows, but that would also seperate all the controls (play/pause/forward/...). I want to play them in a synchronized fashion so that pause/forwarding/... works on both videos simultaneously so that they always stay at the same timecode and they don't go out of sync. How would I accomplish that in Linux?
This is needed for viewing only, so compositing them into a new video file first should be avoided if possible, but if there isn't an easy way to do that, I welcome answers doing it with composition as well.
If a file gets created in the user's Desktop folder, or if a drive is added to the machine and a Desktop icon is correspondingly created, they will by default appear on the left side of the desktop (unless, in the case of the latter, the specific drive has been created before and dragged to the right side, in which case GNOME will remember to put it in the same place).
Because I have a terminal window embedded onto my Desktop in the top left corner and occupying most of the screen), I keep my icons on the right side of the Desktop instead of the left (Mac style) - Any time I add a new drive or a file is sent to the Desktop, however, I have to kill the terminal window to be able to click on the icon, then drag it back to the right side, then restart the terminal.
Is there any way to tweak GNOME so that these icons are added from the top right corner and down instead of from the top left, automatically?
have been trying to setup a dual boot system with ubuntu and XP running side by side on my Thinkpad T41.tried it a few times and always causes the same problem. i have 40 gig HDD, on which i create a 13 gig NTFS partition and leave the rest as free space. then install XP on the NTFS partition. no problems.
then i boot from the ubuntu disk (9.10 Karmic) and install using the "use free space" option at the partition section. ubuntu installs ok, and boots fine from GRUB 2.0. BUT when i select the XP option from GRUB's list, it starts to boot XP, i get the standard XP loading screen for three seconds and then it crashes to a blue screen critical problem, and restarts the system. when i then boot from the xp cd and go into recovery mode CHKDSK will not recognise the disk, and DISKPART shows one HDD at 35 gig which it cannot access.
this means i cant run FIXBOOT and get my xp install running again. every time i do this process it produces the same problem. tried at first with xp installed on whole HDD, and reducing the xp partition size. killed XP. then tried ubuntu first and xp second - but this caused the same inaccessible disk problem - xp would not recognise the partitions and would not install. so i slipstreamed my XP install disk to SP2 hoping this would make it recognise the partitions, but no luck there. so had to format all and repartition the 13 gig NTFS for xp. installed xp again without difficulty but ubuntu install killed my xp in the same way.
I'm looking for a software to compare two documents (for example .odt) side by side or highlighted in graphical way. I want to do the same as Word 2010 Compare Documents (see this: Microsoft Word 2010: View Two Documents Side By Side). I found in OpenOffice something a bit similar that, see in <Edit> -->> <Compare documents>, but it's not a good visual presentation. I'm looking for a software who give me the possibility to see the differences between two documents side by side, or highlighted.
I'm wondering how much of my currently installed packages I can transfer to a new system...I have a HDD split in two. I have 10.4 on one half (/dev/sda6) - my working system for the last year or so since my last upgrade - and I have just installed 11.04 on the other half (/dev/sda. I wanted to check out the new version rather than upgrading. note I have my home folder and all stored data on other drives (zfs mirrored disks) - the boot disk is mostly OS related... I can overwrite /dev/sda8 with impunity as long as /dev/sda6 is intact....
What I want to do is capture the wide variety of packages I have installed on the old version and install them onto the new system - without using the dist-upgrade mechanism... I've had it fail too many times leaving me with a complete rebuild being required... is this (partially) possible or have too many core packages changed? I was especially thinking of something like [URL]
I'm using NFS and I have the following problem. After ~100 days, the client and server lose connection, but the client doesn't know about this, it gives no error. The problem is that the changes on the server side aren't visible on the client side.
It used to be a sysadmin/yast setting wherein you configured the display.It is now done under "personal settings"-->"display" meaning ordinary users can set their own preferences. That's really nice and all, but I'd rather it be sysadmin-only than have to go through several minutes of futzing around with it every blasted time I login. So, how can I make side-by-side permanent either for myself or for all the people who use my system (just me)? Thank you.
This module is only for configuring systems with a single desktop spread across multiple monitors. You do not appear to have this configuration.Since I obviously do and since I can get the desktops to spread across the monitors (after futzing for several minutes).
I did a search but for this topic and I thought it would be discussed quite a bit, did not get any results. Maybe I did not use the correct words? Anyhow, I am running Kubuntu 9.04 and wish to switch to Ubuntu Karmic 9.10. I do still want to keep Kubuntu 9.04 as a boot up option temporarily in case I have major issues with Ubuntu. Ill also need to know how to get rid of Kubuntu after Im sure all is well with Ubuntu. Finally, there are a ton of boot options (different kernels Ive upgraded to) in Grub when Kubuntu boots up. How do I get rid of those? I also have a Windows XP partition that I boot into occasionally.
Just installed Ubuntu 10.04 on my home laptop after testing it (and loving it) on my work desktop just this morning. First time Ubuntu user and looking to be a long one, too.Anyways, I used the "install side-by-side" on both machines, but my laptop, with Vista, has a weird side effect. At the boot screen, I chose Windows Vista and it booted the recovery tool (I forgot the exact name). I was worried at first, but when I chose the actual Windows Recovery option below it to attempt to fix it, it booted Vista. So it seems in the process of partitioning the HDD for Ubuntu I somehow switched what each partition boots. Is there a way to correct this?
I would like to know how I can view two windows side by side on the same desktop (ex. have two openoffice files side by side) and be able to work on both of them at the same time rather than having to click back and forth from window to window. I have seen this done on people that have MAC computers is there anyway to do this on Ubuntu?
I want to restrict the type of files that can be accessed on my web server.For example only flash movies (SWF files) and one specific PHP file.I can think of a number of ways of doing this:1. Linux file permissions, but since the SWF files need to access various PHP files and those PHP files need access to other files themselves that may not work.2. Using mod_rewrite if that is possible, I don't know as I have never used it.
I have installed Ubuntu 10.10 on my computer. And now for some reasons I need to install Windows 7 side by side with it. I tried it before and ended up loosing my Ubuntu partition. I wanna keep Ubuntu as my main operating system.