Thanks for the pointers! -----Original Message----- From: André Warnier [mailto:[email protected]] Sent: Thursday, October 21, 2010 3:55 AM To: Tomcat Users List Subject: Re: Source Address based Realms
Aggarwal, Ajay wrote: > bump... looking for ideas... anybody? If the question finally is "..without using *container-based* authentication/authorisation", then have a look at http://securityfilter.sourceforge.net/ There is good explanation of the difference between the "container-based" and "filter-based" approach to AAA, and maybe it already offers what you want. Another good place to look would be http://www.tuckey.org/urlrewrite/ which is not properly-speaking an authentication filter, but which may help in your purpose. Both of these are open-source, so it should not be very hard to add the functionality you want, if it is not there already. > > -----Original Message----- > From: Aggarwal, Ajay [mailto:[email protected]] > Sent: Tuesday, October 19, 2010 10:29 AM > To: Tomcat Users List > Subject: RE: Source Address based Realms > > Sorry. I meant... > > "Is there another way to achieve this, i.e. without using Realms or > mixing valve/filters with Realms?" > > -----Original Message----- > From: Aggarwal, Ajay [mailto:[email protected]] > Sent: Tuesday, October 19, 2010 9:45 AM > To: [email protected] > Subject: Source Address based Realms > > I need to treat my clients differently depending on where they came > from. I need to trust all requests coming locally (i.e. from > 127.0.0.1/localhost) and not require them to authentication. However all > external requests need to go through authentication. Is there a way to > configure Realms in Tomcat to accommodate this? > > > > Is there another way to achieve this, i.e. without using Realms or > missing valve/filters with Realms? > > > > -Ajay > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
