Hi,
I seemed that this is the behavior if disabling REST Service in web.xml (BaseX.war deploymented on Tomcat), but this does not happen. The surprise is that the functions are accessible from anywhere, if access is not protected by other methods.
I'm doing wrong, what should be setting? I use BaseX 8.3.
Thanks for any guidance! Ioan
Hello Ioan,
I am not sure whether I correctly understood your issue. So you want to start Tomcat in a way that it serves only to localhost? This is an issue with Tomcat and I am sure there are ways to handle this. However, I don't really get what is has to do with the REST services provided by Basex?
Using the build-in jetty web server from BaseX it is usually enough to bind the port to 127.0.0.1 in the jetty.xml. I would expect Tomcat to have a similar mechanism.
Cheers Dirk
On 05/12/2016 07:58 PM, Ioan Fericel wrote:
Hi,
I seemed that this is the behavior if disabling REST Service in web.xml (BaseX.war deploymented on Tomcat), but this does not happen. The surprise is that the functions are accessible from anywhere, if access is not protected by other methods.
I'm doing wrong, what should be setting? I use BaseX 8.3.
Thanks for any guidance! Ioan
Hello Dirk, thanks for the reply.
It's not a solution to limit Tomcat for acces only from localhost because he serves multiple applications.
I thought there would be a setting as HTTPLOCAL to limit access to restxq functions. If not, I will try something session-based, as is used in dba.
Best regards, Ioan
basex-talk@mailman.uni-konstanz.de
-
Dirk Kirsten -
Ioan Fericel