How To Restrict Web Application Access By VirtualHost Using Dynamic Mount Points (Doc ID 739881.1)

Last updated on FEBRUARY 09, 2024

Applies to:

Goal

The goal of this note is to provide an step-by-step guide to implement access restriction to an application based on virtual hosts as described in <note 389819.1>, but this time using the dynamic mount points provided in Oracle Application Server 10g Release 3 (10.1.3), i.e. avoiding the use of Oc4jMount directives.

Reference:
<Note 389819.1> How To Create Virtual Host Specific OC4J Applications

Added functionality in version 10.1.3 allows us to minimize the Oracle HTTP Server downtime as new applications can be dynamically discovered once deployed, giving us more flexibility. This document implements the following scenario:

• We have the application App1 with context root /app1 deployed in an OC4J instance called blue and an application App2 with context root /app2 deployed in an OC4J instance called red.
  
  
• We want users to access the App1 application using the URL http://host.domain:port1/app1 and the App2 application using the URL http://host.domain:port2/app2 , but you don't want the users to be able to access /app2 through port1 nor /app1 through port2.
  
  
  Note: The same example can be adapted to use name based virtualhosts, e.g. http://host1.domain/app1 and http://host2.domain/app2 . Just the VirtualHost definition in STEP III needs to be modified.

Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.