AWG Blogs

Friday, April 2, 2010

Virtual Host in Tomcat and NAT

Well, I didn't figure out how to separate the apps by port, but I did learn that it's possible to do so by IP -- by setting the name attribute in the Host tag of server.xml.

The problem appeared, however, when I attempted to port forward port 80 to the second host entry in the m0n0wall NAT configuration. Browsing to the site from outside the firewall kept bringing me back to the first host entry, which by default was set to localhost. That will never do, because I don't want external users seeing the Tomcat management page, or the welcome page for that matter. That was the whole point of creating a separate app in a separate location on the hard drive (which was done, by the way, by setting the docBase attribute of the Context tag, which goes under the Host tag). I was creating an Open Blue Dragon (openbd) application and I didn't want it sitting under the default webapps virtual host.

I solved the problem by simply setting my new app, the second host in server.xml, to localhost, and assigning the default app a second IP (from a second NIC) for management purposes. I'm not sure why or how, but this fixed the problem. I can now access my ColdFusion web app from outside the firewall through port forwarding. And the management app is only visible from the server itself.
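
The layout described in this post, written out as a server.xml fragment. This is an added example, not the author's actual file: the addresses (192.0.2.20), the directory paths and the RemoteAddrValve restriction are assumptions. Tomcat picks a Host by comparing the request's Host header with each Host name or Alias and sends anything that matches none of them to the Engine's defaultHost, which is where requests arriving through the port forward end up.

```xml
<!-- Added example: conf/server.xml fragment. Addresses and paths are placeholders. -->
<Service name="Catalina">
  <Connector port="80" protocol="HTTP/1.1" />

  <!-- A request whose Host header matches no <Host name> or <Alias>
       is served by the host named in defaultHost. -->
  <Engine name="Catalina" defaultHost="localhost">

    <!-- Before (as first tried): stock webapps were the default host,
         so traffic through the NAT forward landed on the welcome/manager pages.
    <Host name="localhost"  appBase="webapps" />
    <Host name="192.0.2.20" appBase="/srv/openbd-apps"> ...public app... </Host>
    -->

    <!-- After: the public OpenBD app is the default host.
         appBase points at a separate directory (assumed path) so nothing
         from the stock webapps directory is deployed on this host. -->
    <Host name="localhost" appBase="/srv/openbd-apps"
          unpackWARs="true" autoDeploy="false">
      <!-- docBase places the app outside appBase; path="" makes it the root app -->
      <Context path="" docBase="/srv/openbd/myapp" />
    </Host>

    <!-- Management host: stock webapps, named after the second NIC's address. -->
    <Host name="192.0.2.20" appBase="webapps"
          unpackWARs="true" autoDeploy="true">
      <!-- Assumption, not in the original post: allow only clients on the
           server itself (loopback or the second NIC's own address). -->
      <Valve className="org.apache.catalina.valves.RemoteAddrValve"
             allow="127\.0\.0\.1|192\.0\.2\.20" />
    </Host>
  </Engine>
</Service>
```

Host selection follows the Host header the client sends, so the valve, rather than the host name, is what confines the management apps to local clients.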