I am trying to modify a Tomcat (7.0.52) valve definition to allow contact from a different server.
The valve definition looks like that shown below. Previously, it was a RemoteAddrValve and defined with 127.0.0.1 (to only allow access from local host). This worked perfectly. For the new definition the AddrValve was changed to a HostValve and the full-qualified-domain-name of the remote server was entered. Now when hitting that Tomcat instance from that remote server, I always get a Http 403: 'Access to the specified resource has been forbidden'.
<Context debug="0" swallowOutput="true">
<!-- This causes session data to NOT be persisted to disk across tomcat restarts -->
<Manager pathname=""/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="blackduck_solr_access_log." suffix=".txt"
pattern='%{yyyy-MM-dd HH:mm:ss,SSS}t [%I] %h "%r" %s %b'/>
<!-- JVCS-646 solr access to localhost only -->
<Valve className="org.apache.catalina.valves.RemoteHostValve"
allow="FQDN_HERE" />
</Context>
I did not set this server up and am clearly not expert in Tomcat Security. The contents shown above were put into a file in this directory: ./tomcat/conf/Catalina/localhost
I know the file is being processed because I get errors if the syntax is not correct. Also if I remove it then access is wide open. Can anyone help with what might be wrong?
