tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Funk <>
Subject Re: combining remote address filter and basic authentication
Date Tue, 13 May 2003 23:27:02 GMT
AFAIK, there is no elegant way to do this. But but probably want to use a 
filter. The filter will check if the IP range is valid. If the ip range if 
not valid, it will look for the WWW-Authenticate (?) header and decode it 
according to the RFC. If there is no WWW-Authenticate - send a 401 redirect 
challenge back to the client. Google is your firend with respect to the 
topics above.


Vladimer Shioshvili wrote:
> What I am trying to do is combine remote address filter and basic 
> authentication in the following way:
> to allow access to anyone with ip address10.*.*.* and for the rest to 
> use basic authentication using users.xml file.
> Has anyone done anything like this? I do mostly form based 
> authentication and this is something new I am facing..
> Thanks,
> Vlad

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message