Hi All, In our production we want Sun One Web server 6.1 and JBoss App server combination. Almost all things are done. But I got one problem which i want to discuss. Basically, I have enabled Single Sign On for web server and through webserver App server got connected. The problem is if i know the ip and port on which App server running, i can able to connect directly on app server. I don't want to do that. Let only the request comes from web server (sun one- 6.1) and have the access on app server. So nobody can directly able to connect to app server. I have setup valve in the server.xml and allow only certain ip,but as this picks the client ip.(users who access it through internet obviously are not allowed with this configuration). But I want even those users also should able to connect from internet but only restriction is the request should come from web server only. I have use - className="org.apache.catalina.valves.RemoteAddrValve. I think I should have to provide different valve value than "RemoteAddrValve". we have 3 machines(load balancing) for web server,so we want only 3 IP should be allowd by Tomcat. Any expert? I am sure there is someone who had done this thing. please let me know the solution. Your suggestion would be appreciated. Thanks Maulik View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4012425#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...