André Warnier wrote:
and he's back.
Browsing the documentation of urlrewritefilter, at
http://tuckey.org/urlrewrite/manual/2.6/
In the <condition> element, one of the conditions is :
remote-addr The IP address of the host making the request, e.g.
123.123.123.12 i.e. request.getRemoteAddr()
So you can definitely test on 127.0.0.1
You can also, subsequent to this test, re-direct the request somewhere
else (have not yet found the rule for that).
So one way to do what you want joins a previous suggestion of Chuck :
- duplicate your webapp
- have it set up once as
(tomcat_dir)/webapps/thewebapp
(with the authentication bit)
- and again as
(tomcat_dir)/webapps/thewebapp-internal
(the same, just omit the authentication section in web.xml)
Then, set up urlrewritefilter so :
- if the request to /thewebapp comes from 127.0.0.1, re-direct it
(internally) to /thewebapp-internal
- otherwise, don't do anything (and it will hit the normal
authentication of /thewebapp
Inconvenient : requests that go through /theweapp-internal have /no/
authentication. If your webapp really needs one (internally), then you
have a problem. But if the authentication is merely to restrict access,
and the user-id is not used inside, then you're ok.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
