I am not completely sure, if the web page protection kicks in before servlet filters are processed. If this is the case, why not write a filter that checks if the (authenticated) user is from the allowed address. If so, proceed, else kick him out again.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3840981#3840981 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3840981 ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
