JDBCRealm with IP address filtering?

[Dean Ashby <d....@alchemy.co.nz>]

Has anyone come across an extension of JDBCRealm that allows users to be 
associated with an IP address and subnet mask as well as a password?

Basically what I'm looking for is a way to restrict specific users to be 
able to log in from a specific IP address or address range, i.e. from 
work but not from home.  Some users may still be able to log in from any 
address but some will be tied to specific IPs.  This rules out using an 
IP Address Filter as the address(es) will depend on the user.

I've trawled the mailing lists and Google but can't find anything and am 
thinking I'll have to resort to extending JDBCRealm to use two 
additional fields in the database to store an IP address and netmask for 
each user but figured I'd ask here first.

Looking at the JDBCRealm code I'm not 100% sure that I'll be able to 
achieve this by extending the class.  The request object containing the 
client IP address is not available to the authenticate() methods.  I 
guess I might have to override hasResourcePermission() which does have 
access to the request and therefore the principal and IP address as 
well.  Just not sure of the order in which these methods get called... 
time to experiment but if anyone has tried this before and has any tips 
or pointers I'd appreciate hearing from you.

Thanks,

Dean