Hi, I was wondering if it is possible to apply some webapp security that will kick in for connections made from a certain IP range, and will not kick in for another set of IP ranges.
The scenario is that I want users on our Intranet subnet to not have to authenticate, but if users visit the site from their home Internet connection then they do have to authenticate. I can't seem to find any examples in the Tomcat manual or web that define a security realm by IP range. Has anyone had any success with this? Cheers, Jared.
