This week's book giveaway is in the Design forum.
We're giving away four copies of Building Microservices and have Sam Newman on-line!
See this thread for details.
The moose likes Tomcat and the fly likes Allowing the internal users and authenticating the external users. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Building Microservices this week in the Design forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Allowing the internal users and authenticating the external users." Watch "Allowing the internal users and authenticating the external users." New topic
Author

Allowing the internal users and authenticating the external users.

Ganesh Subrahmanya
Greenhorn

Joined: Feb 19, 2004
Posts: 4
I have a web application running on Tomcat ( version 5 ). My requirement is that I need to allow internal users without any authentication and need to authenticate the external users. We know the IP Address range for internal users ( say something like 152.186.192.* ).

I tried using the Valve -- RemoteAddrValve and Memory Realm together, but then I don't get the intended functionality.

Is there a way in which I can achieve this requirement of allowing internal users and forcing the external users to enter username and password.
Ganesh Subrahmanya
Greenhorn

Joined: Feb 19, 2004
Posts: 4
Can anybody suggest me a solution for this ?

Well!, as I said, I need to allow internal users ( I know the IP address range like 152.168.192.* for internal users ) and force the external users to login.

Does writing a custom Valve help me in this case ?

Can somebody help me with this ???
Ulf Dittmer
Rancher

Joined: Mar 22, 2005
Posts: 42958
    
  73
Not sure how to use valves to do this, but HttpServletRequest.getRemoteAddr() gives you the IP address, so for outsiders you can do something like:



which will cause the client to be challenged for authentication.
 
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com
 
subject: Allowing the internal users and authenticating the external users.
 
It's not a secret anymore!