如何保护servlet的访问?

时间:2022-12-01 11:23:54

I have a servlet running in my server Tomcat (A) and I want to restrict the access of this servlet.

我有一个在我的服务器Tomcat(A)中运行的servlet,我想限制这个servlet的访问。

If the request to access this secure servlet will come only from my server then only any one can access this servlet. If request will come from another Tomcat (B), then the request can't go to the servlet.

如果访问此安全servlet的请求只来自我的服务器,则只有任何人可以访问此servlet。如果请求将来自另一个Tomcat(B),则请求不能转到servlet。

If some one want to make a ajax call and want to access my servlet then also they can't able to access my servlet.

如果有人想要进行ajax调用并想要访问我的servlet,那么他们也无法访问我的servlet。

How can I achieve this?

我怎样才能做到这一点?

1 个解决方案

#1


0  

Best way to do this is to place this logic outside of your application or tomcat. Separate the concerns: your application handles business logic and another component handles security.

最好的方法是将此逻辑放在应用程序或tomcat之外。分离关注点:您的应用程序处理业务逻辑,另一个组件处理安全性。

Most often nginx is used as a gateway between the outside world and your application where you can configure who can access what.

大多数情况下,nginx用作外部世界和应用程序之间的网关,您可以在其中配置谁可以访问的内容。

This is generally applicable independently on which technology you would use for your business logic.

这通常适用于您将用于业务逻辑的技术。

#1


0  

Best way to do this is to place this logic outside of your application or tomcat. Separate the concerns: your application handles business logic and another component handles security.

最好的方法是将此逻辑放在应用程序或tomcat之外。分离关注点:您的应用程序处理业务逻辑,另一个组件处理安全性。

Most often nginx is used as a gateway between the outside world and your application where you can configure who can access what.

大多数情况下,nginx用作外部世界和应用程序之间的网关,您可以在其中配置谁可以访问的内容。

This is generally applicable independently on which technology you would use for your business logic.

这通常适用于您将用于业务逻辑的技术。