如何保护servlet的访问?
[英]How to secure access of a servlet?
问题描述
I have a servlet running in my server Tomcat (A) and I want to restrict the access of this servlet. 
我的服务器Tomcat(A)中运行着一个servlet,并且我想限制对该servlet的访问。
If the request to access this secure servlet will come only from my server then only any one can access this servlet. 如果访问此安全servlet的请求仅来自我的服务器,则只有任何人可以访问此servlet。 If request will come from another Tomcat (B), then the request can't go to the servlet. 如果请求将来自另一个Tomcat(B),则该请求不能转到Servlet。
If some one want to make a ajax call and want to access my servlet then also they can't able to access my servlet. 如果有人想要进行ajax调用并想要访问我的servlet,那么他们也将无法访问我的servlet。
How can I achieve this? 我该如何实现?
1 个解决方案
解决方案1
0 2015-10-24 11:27:53
Best way to do this is to place this logic outside of your application or tomcat. 最好的方法是将此逻辑放置在应用程序或tomcat之外。 Separate the concerns: your application handles business logic and another component handles security. 将关注点分开:您的应用程序处理业务逻辑,而另一个组件处理安全性。
Most often nginx is used as a gateway between the outside world and your application where you can configure who can access what. 大多数情况下, nginx用作外部世界与您的应用程序之间的网关,您可以在其中配置谁可以访问什么。
This is generally applicable independently on which technology you would use for your business logic. 通常,这独立于将用于业务逻辑的技术而适用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.