Hi Takeo, Wehn we came across this issue, we wrote our own servlet filter as IP based security is not defined in the JDK spec and then, even if you fin a solution like the one you ask, it will be orion-specific and non-portable. On the other hand, if you write your filter carefully, you can have a pretty flexible tool to do what you want (In our case we define the IP/Hostname masks through an XML document that can be loaded through the network, filesystem...). regards, D.
Takeo Kameda wrote: > Hi All. This is my first post. > I would like to allow only certain IPs to access some of my site. I know > that > can be done in orion-web.xml using "access-mask/ip-access", but I believe > it can only be applied to the whole application. What I want to do is to > block > IPs only to a certain directory. Is there any easy way to do that, like > using > .htaccess for apache? or, do I have to write my own servlet filter for > that? > thanks in advance.