Not all firewalls can inspect the application request and block a specific path, a web server / container can.
So if you need to block out the whole host, go for the firewall. If it is a specific path, then consider the web server. BTW, IP addresses can be spoofed. It is good to use that in conjunction with another mechanism. Ben On Wed, 2003-06-18 at 09:18, Leo de Blaauw wrote: > Or rather in your firewall if you have one... > > Greetz > Leo > > -----Oorspronkelijk bericht----- > Van: Benjamin Tomasini [mailto:[EMAIL PROTECTED] > Verzonden: woensdag, juni 2003 15:18 > Aan: [EMAIL PROTECTED] > Onderwerp: Re: Authentication > > > Consider enforcing that in your servlet container or web server. > > Ben > > On Wed, 2003-06-18 at 09:09, Lanigan, Ronan wrote: > > Hi, > > > > I want to perform some Authentication for my Web Service. I have a list of > > machine names e.g. devmachine.xxx.com and I only want to service requests > > that come from these machines. We are using a list of machine names as the > > ip's for these machines can change. > > > > So, I need some mechanism whereby the ip of the requester can be checked > > against the ip of each of the machine names in the list (the machine names > > can be stored in an xml or properties file). If the ip's match then the > > request can be processed (passed onto the axis servlet?) otherwise an > error > > response should be generated. > > > > Does axis provide any specific mechanism for this sort of thing? > > > > Could I just change the address location in the wsdl for the service to a > > second servlet, which could forward the request to the proper address if > the > > ip is in the list? > > > > Thanks in advance, > > > > Ronan -- Benjamin Tomasini <[EMAIL PROTECTED]> NetEverything, LLC
