Is there any way to restrict access from subnets or specific IP addresses to Tomcat like Apache does?

Alessandro A. Garbagnati

No, unfortunately as per Tomcat 3.2.1 there is no way to set configuration directives (like in Apache) for restricting access.

The web server part of Tomcat it's very simple and basic, and If you need more complex features, the best solution it's to avoid using it and rely on a seriopus web server.

The other solution is to use a Model 2 architecture and verify the access in your controller servlet.