You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Dean Ashby <d....@alchemy.co.nz> on 2007/06/05 04:41:06 UTC
JDBCRealm with IP address filtering?
Has anyone come across an extension of JDBCRealm that allows users to be
associated with an IP address and subnet mask as well as a password?
Basically what I'm looking for is a way to restrict specific users to be
able to log in from a specific IP address or address range, i.e. from
work but not from home. Some users may still be able to log in from any
address but some will be tied to specific IPs. This rules out using an
IP Address Filter as the address(es) will depend on the user.
I've trawled the mailing lists and Google but can't find anything and am
thinking I'll have to resort to extending JDBCRealm to use two
additional fields in the database to store an IP address and netmask for
each user but figured I'd ask here first.
Looking at the JDBCRealm code I'm not 100% sure that I'll be able to
achieve this by extending the class. The request object containing the
client IP address is not available to the authenticate() methods. I
guess I might have to override hasResourcePermission() which does have
access to the request and therefore the principal and IP address as
well. Just not sure of the order in which these methods get called...
time to experiment but if anyone has tried this before and has any tips
or pointers I'd appreciate hearing from you.
Thanks,
Dean