This week's giveaway is in the Spring forum.
We're giving away four copies of REST with Spring (video course) and have Eugen Paraschiv on-line!
See this thread for details.
The moose likes Tomcat and the fly likes Webapp security by IP range Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of REST with Spring (video course) this week in the Spring forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Webapp security by IP range" Watch "Webapp security by IP range" New topic

Webapp security by IP range

Jared Cope
Ranch Hand

Joined: Aug 18, 2004
Posts: 243

I was wondering if it is possible to apply some webapp security that will kick in for connections made from a certain IP range, and will not kick in for another set of IP ranges.

The scenario is that I want users on our Intranet subnet to not have to authenticate, but if users visit the site from their home Internet connection then they do have to authenticate.

I can't seem to find any examples in the Tomcat manual or web that define a security realm by IP range. Has anyone had any success with this?

Cheers, Jared.

SCJP 1.4 91%, SCJP 1.5 88%, SCJD B&S
jQuery in Action, 3rd edition
subject: Webapp security by IP range
It's not a secret anymore!