How to Restrict Access to Jira with Tomcat

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

この記事はアトラシアンのサーバー製品にのみ適用されます。クラウドとサーバー製品の違いについてはこちらをご確認ください。

Atlassian provides limited support with Tomcat configurations. You'll want to ensure to test any suggestions before implementing into a production environment.

目的

Increased security, ensuring that Tomcat/Jira can only be reached by the appropriate addresses

ソリューション

Tomcat provides multiple methods to allow control access, here are two of the possible options:

  1. Restricting which IP addresses that a defined connector port will listen on. http://tomcat.apache.org/tomcat-8.5-doc/config/http.html#Standard_Implementation
    1. Example: only allowing the host's loopback address (127.0.0.1) to connect to port 8080:
    2. Modify the Connector within server.xml:

      <Connector port="8080" protocol="HTTP/1.1" ... />
      
      to
      
      <Connector address="127.0.0.1" port="8080" protocol="HTTP/1.1" ... />
    3. Tomcat を再起動します。
  2. Setting remote IP filters for addresses that will be allowed or denied: http://tomcat.apache.org/tomcat-8.5-doc/config/valve.html#Remote_Address_Valve
    1. Example: only allowing requests from the local address and from address with IP 192.168.1.1:
    2. Modify server.xml and add:

      <Engine name="Catalina" defaultHost="localhost">
          ...
          <Valve className="org.apache.catalina.valves.RemoteAddrValve"
              allow="127\.0\.0\.1|192\.168\.1\.1"/>
          ...
      </Engine>


    3. Tomcat を再起動します。

最終更新日: 2019 年 12 月 3 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.