Menu
▾
▴
RE: [Jetty-support] Is Jetty able to specify allowed virtual hosts for a ip-adress?
|
From: <j.v...@mo...> - 2003-12-11 15:32:52
|
First, thanks for a long explaining answer Chris :) > Don't use the value of the Host: header in an HTTP request as=20 > a security > attribute - it can easily be forged! Ok. > Am I right in assuming that your two physical interface cards=20 > are on separate > networks: one having a route via the DMZ to the Internet, the=20 > second only > to/from your intranet? In other words there is NO route from=20 > the public > Internet to the intranet interface card on your server. That=20 > _must_ be in place > for the following to be secure... :) Do you mean that it can't be a route from the "Internet" interface to = the intranet interface card, in order to be secure - or that it have to? =20 > You can configure a single Jetty instance to have two Server=20 > instances - see the > Jetty Tutorial for details. I can't find about this in the tutorial :( Do you know if the same can be done when running JBossJetty? Regards,=20 J=F8rund |
