XServices/doc/common/installation.xml

60 lines
2.2 KiB
XML

<?xml version="1.0" encoding="UTF-8"?>
<section xmlns="http://docbook.org/ns/docbook" version="5.0"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink">
<title>Installation</title>
<para>As of February 2013, XServices require Java 7. Older builds run against Java 5.</para>
<para>Apache Tomcat 7</para>
<para>tbd.</para>
<para>In short: Deploy .WAR file to Apache Tomcat</para>
<section>
<title>Securing with Basic Authentication</title>
<para>There is a quick guide explaining Basic Authentication for Tomcat here: <link
xlink:href="http://oreilly.com/pub/a/java/archive/tomcat-tips.html?page=1">
http://oreilly.com/pub/a/java/archive/tomcat-tips.html?page=1</link>
</para>
<para>
</para>
</section>
<section>
<title>Limit access by IP address</title>
<para>Sometimes you&apos;ll only want to restrict access to to
only
specified host names or IP addresses. This way, only
clients at
those specified addresses can use the web services.
Tomcat provides
two configuration values for that:
RemoteHostValve and
RemoteAddrValve.</para>
<para>These Valves allow you to filter requests by host name or
by IP
address, and to allow or deny hosts that match. The
example below
restricts access to the ArchiveService from any
machine that is not
the local host.</para>
<programlisting language="xml">&lt;Context
path=&quot;/XService/ArchiveService&quot;
...&gt; &lt;Valve
className=&quot;org.apache.catalina.valves.RemoteAddrValve&quot;
allow=&quot;127.0.0.1&quot; deny=&quot;&quot;/&gt; &lt;/Context&gt;
</programlisting>
<para>If no allow pattern is given, then patterns that match
the deny
attribute patterns will be rejected, and all others
will be allowed.
Similarly, if no deny pattern is given,
patterns that match the
allow attribute will be allowed, and
all others will be denied.
</para>
<para>The &lt;context&gt; element must be placed into the
server.xml
file (into &lt;engine&gt;&lt;host&gt;).</para>
</section>
</section>