I am using JNDI Realm to authenticate with LDAP and after a little bit of exploration i found that a filter is always executed after a realm executes and hence filters will not solve my problem. Will check out Valves now.
On Fri, 2009-05-15 at 13:36 +0200, André Warnier wrote: > Shashank Rachamalla wrote: > > Hi! > > Is there any way to configure <security-constraint> for a webapp to > > disable authentication and authorization for a particular IP address and > > enable it for all other IP addresses. > > > Probably not, since I doubt that this is foreseen by the Servlet > Specification. > But I can think of a way, subject to confirmation by an expert on this > list : > > You could write a simple servlet filter, which checks the caller's IP > address, and if it matches, sets the user-id in the session to some > pre-determined value. > It is possible that when the authentication code finds out that there is > already a user set, it would just return OK and let the call through. > And for your application code, it would be easier to deal with a case > where there is always a user-id (even if one is a dummy), than have to > deal with some cases where it is not set, no ? > > What I am not quite sure of, is whether a filter runs early enough to > precede the authentication part, or not. > I guess if not, then you would have to implement this as a Valve. > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > Please do not print this email unless it is absolutely necessary. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
