You could literally examine the IP of the incoming request (look at ServletRequest object), or you could have A set some sort of flag in request to indicate to the filter to let the request through regardless.
-- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Fri, June 24, 2005 2:32 pm, Jason Novotny said: > > Hi Jim, > > Thanks-- I just looked at using a filter as a solution, but there > seems to be a problem. I want the servlet in webapp A to be able to > dispatch to B but not a user. The problem is the filter will block all > requests including the dispatch from A. I need a way to somehow ensure > that A can invoke servlet B in web app B but not a user navigating > directly... any ideas are greatly appreciated. > Actually one question would be how to create a filter that allows > incoming requests from that same machine but not IP's outside of it I > guess? > > Thanks, Jason > > > Jim Henderson wrote: > >>Take a look at yesterdays (6/23 5:02 PM) posting "Blocking urls". That >>should help. >> >>-----Original Message----- >>From: Jason Novotny [mailto:[EMAIL PROTECTED] >>Sent: Thursday, June 23, 2005 10:13 PM >>To: [email protected] >>Subject: how do i restrict servlet access? >> >> >> >>Hi, >> >> I have a webapp A that uses cross-context to dispatch requests to >>webapp B. However, I want users to have to go thru webapp A and the >>mapping I set in web.xml. How do I restrict access so only webapp A can >>invoke B's servlet but B should be inaccessible to users navigation. Is >>there something I can set in the web.xml of B or would I need to modify >>server.xml as a site wide configuration? >> >> Thanks, Jason >> >>--------------------------------------------------------------------- >>To unsubscribe, e-mail: [EMAIL PROTECTED] >>For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> >>--------------------------------------------------------------------- >>To unsubscribe, e-mail: [EMAIL PROTECTED] >>For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
