Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 78297 invoked from network); 19 Oct 2010 15:01:55 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 19 Oct 2010 15:01:55 -0000 Received: (qmail 27305 invoked by uid 500); 19 Oct 2010 15:01:52 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 27146 invoked by uid 500); 19 Oct 2010 15:01:49 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 27132 invoked by uid 99); 19 Oct 2010 15:01:48 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 19 Oct 2010 15:01:48 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of aw@ice-sa.com designates 212.85.38.228 as permitted sender) Received: from [212.85.38.228] (HELO tor.combios.es) (212.85.38.228) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 19 Oct 2010 15:01:41 +0000 Received: from [192.168.245.129] (p549E86F3.dip0.t-ipconnect.de [84.158.134.243]) by tor.combios.es (Postfix) with ESMTPA id 10CB42260E8 for ; Tue, 19 Oct 2010 16:57:41 +0200 (CEST) Message-ID: <4CBDB2BB.7010409@ice-sa.com> Date: Tue, 19 Oct 2010 17:01:15 +0200 From: =?ISO-8859-1?Q?Andr=E9_Warnier?= Reply-To: Tomcat Users List User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) MIME-Version: 1.0 To: Tomcat Users List Subject: Re: Source Address based Realms References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Aggarwal, Ajay wrote: > I need to treat my clients differently depending on where they came > from. I need to trust all requests coming locally (i.e. from > 127.0.0.1/localhost) and not require them to authentication. However all > external requests need to go through authentication. Is there a way to > configure Realms in Tomcat to accommodate this? > > > > Is there another way to achieve this, i.e. without using Realms or > missing valve/filters with Realms? > > Maybe phrasing the problem in a different way would throw another light on the issue : You want to automatically authenticate requests coming from a given IP (or IP range), for example by authenticating them as user "local", and not do this for other requests, which then would have to go through a normal authentication. Since I am more familiar with Apache httpd than with Tomcat, I will ask if by any chance you are already fronting Tomcat with another webserver ? --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org