Skip to main content

Tomcat Configuration for Access Control with Valve

The first line of defense of the Tomcat based primary Talend Data Catalog server or any of its metadata harvesting agents / MIMB servers requires a proper firewall setup. As a last line of defense, the tomcat remote address valve can be configured for access control.

In such case the Tomcat of any metadata harvesting agents / MIMB server should configure with a valve to only accepts requests from its associated primary MM server.
This requires to edit the file tomcat/conf/TalendDataCatalog/localhost/MIMBWebServices.xml
in order to add the following line:
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1"\>

For more details on configuring Tomcat access control with valve, see Tomcat's documentation at:
https://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Remote_Address_Valve

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!