I want to be able to give non login authorization for a local subnet,
but force everybody else to login to a site.
Can I do this with combinations of ip-constraint and auth-constraint in
web.xml? Something like the following would give access to a private
subnet. Could I give access to everybody else by forcing them to login?
<security-constraint>
<web-resource-collection>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<ip-constraint>
<allow>192.168.1.0/24</allow>
</ip-constraint>
</security-constraint>
Thanks.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]