Filtering access by IP

[Daniel Lopez]

Hi,

I have a secured service which used to run with Resin behind an SSL protected
Apache. Now, I'm trying to migrate this service to Orion but I can't seem to
find a proper way of configuring it so the security requirements are met. My
problem is that even if I used the secured Apache as front-end for my service,
the unprotected Orion server would still be reachable from the outside. Before
somebody suggests them, I have already discarded some solutions:
    .- I can't, right now, use SSL with Orion as the SSL certificate that I use
with Apache doesn't work with Orion. I would need to get another certificate and
that's not an acceptable solution at the moment.
    .- I could use the OS to prevent access from the outer world to the
unprotected Orion server, but I don't think this should be necessary, as it is a
non-portable solution and requires external handling.
So what I would like to have is a way to prevent access to my Orion server from
some hosts, or better, to allow just a couple of hosts, namely the Apache proxy,
to access my server. This is quite a common feature in web servers so I'm just a
bit surprised is not in Orion.
Did I miss something? Is it impossible to do without programming my own filter?
Thanks in advance,
Dan