On Sun, Jul 6, 2014 at 1:35 PM, Konstantin Kolinko
wrote:
> I think you can inject RemoteAddrFilter into Spring Security filter
> chain (that is if you do not want to configure it separately in
> web.xml),
You are right, I did not think of that.
FWIW this is easily doable using custom filters [1]
2014-07-05 20:00 GMT+04:00 Falco Schwarz :
> On Sat, Jul 5, 2014 at 12:39 PM, Mark Thomas wrote:
>> Maybe look at a third party security plugin like Spring Security? Not sure
>> if this is supported but worth a look.
>>
>> Mark
>
> Thanks Mark and Konstantin for your quick replies. I tried to
> a
2014-07-06 13:45 GMT+04:00 Falco Schwarz :
> Konstantin,
>
> On Sat, Jul 5, 2014 at 3:26 PM, Konstantin Kolinko
> wrote:
>> You can either perform IP filtering in a Valve (that will be in the
>> pipeline before an Authenticator), or you can remove
>> security-constraint and implement authenticatio
On 5. Juli 2014 19:04:26 MESZ, Falco Schwarz wrote:
>On Sat, Jul 5, 2014 at 6:17 PM, Hassan Schroeder
> wrote:
>> (Sorry, late to the thread but ...) if you just want to restrict
>access to
>> a resource to localhost, why not os-level e.g. an iptables rule?
>
>Well, the reason behind the restric
Konstantin,
On Sat, Jul 5, 2014 at 3:26 PM, Konstantin Kolinko
wrote:
> You can either perform IP filtering in a Valve (that will be in the
> pipeline before an Authenticator), or you can remove
> security-constraint and implement authentication and authorization in
> a filter (such as Security F
