tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aggarwal, Ajay" <Ajay.Aggar...@stratus.com>
Subject RE: Source Address based Realms
Date Thu, 21 Oct 2010 18:33:02 GMT
Servlet filter was the first thing that came to my mind, but I was
hoping to leverage tomcat's built-in Realm support, if I could.

Thanks for your suggestions.

-Ajay

-----Original Message-----
From: Srinivasa Rao.Kandula [mailto:srinivas_j2ee@yahoo.com] 
Sent: Wednesday, October 20, 2010 4:46 PM
To: Tomcat Users List
Subject: Re: Source Address based Realms

I'm providing my comments assuming that you are a Java developer.

	1. Do you see any issues using a Servlet filter for doing this?
	2. You could use realms if you can access ServletRequest object
which will give 
you the IP address of the client. But I don't think you can access 
ServletRequest object in relam class in tomcat. I know you can do it
with JBoss
	3. You may be able to write custom callback handlers and
callback and get 
client IP to realm(a wild guess)

 Regards,
Srinivas.




________________________________
From: "Aggarwal, Ajay" <Ajay.Aggarwal@stratus.com>
To: Tomcat Users List <users@tomcat.apache.org>
Sent: Wed, October 20, 2010 12:53:42 PM
Subject: RE: Source Address based Realms

bump... looking for ideas... anybody?

-----Original Message-----
From: Aggarwal, Ajay [mailto:Ajay.Aggarwal@stratus.com] 
Sent: Tuesday, October 19, 2010 10:29 AM
To: Tomcat Users List
Subject: RE: Source Address based Realms

Sorry. I meant...

"Is there another way to achieve this, i.e. without using Realms or
mixing valve/filters with Realms?"

-----Original Message-----
From: Aggarwal, Ajay [mailto:Ajay.Aggarwal@stratus.com] 
Sent: Tuesday, October 19, 2010 9:45 AM
To: users@tomcat.apache.org
Subject: Source Address based Realms

I need to treat my clients differently depending on where they came
from. I need to trust all requests coming locally (i.e. from
127.0.0.1/localhost) and not require them to authentication. However all
external requests need to go through authentication. Is there a way to
configure Realms in Tomcat to accommodate this? 



Is there another way to achieve this, i.e. without using Realms or
missing valve/filters with Realms?



-Ajay


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


      

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message