This is really more a firewall issue to the outside world, because what is "localhost" pure really localhost? If i just have a server with no ui at all? (which is very common)
then i am mostly on the local area network of that server and i do want then to access it
But everything from the ouside world should be blocked.
So this is really more a DMZ/Firewall problem then a pure tomcat problem
But for tomcat you have a configuration where you can do this:
http://tomcat.apache.org/tomcat-7.0-doc ... ess_Filterso in your global web.xml (conf/web.xml) you can add the above filter when configured it right (so the url mapping shouild then be servoy-admin)