Thanks for the pointers! -----Original Message----- From: André Warnier [mailto:a...@ice-sa.com] Sent: Thursday, October 21, 2010 3:55 AM To: Tomcat Users List Subject: Re: Source Address based Realms
Aggarwal, Ajay wrote: > bump... looking for ideas... anybody? If the question finally is "..without using *container-based* authentication/authorisation", then have a look at http://securityfilter.sourceforge.net/ There is good explanation of the difference between the "container-based" and "filter-based" approach to AAA, and maybe it already offers what you want. Another good place to look would be http://www.tuckey.org/urlrewrite/ which is not properly-speaking an authentication filter, but which may help in your purpose. Both of these are open-source, so it should not be very hard to add the functionality you want, if it is not there already. > > -----Original Message----- > From: Aggarwal, Ajay [mailto:ajay.aggar...@stratus.com] > Sent: Tuesday, October 19, 2010 10:29 AM > To: Tomcat Users List > Subject: RE: Source Address based Realms > > Sorry. I meant... > > "Is there another way to achieve this, i.e. without using Realms or > mixing valve/filters with Realms?" > > -----Original Message----- > From: Aggarwal, Ajay [mailto:ajay.aggar...@stratus.com] > Sent: Tuesday, October 19, 2010 9:45 AM > To: users@tomcat.apache.org > Subject: Source Address based Realms > > I need to treat my clients differently depending on where they came > from. I need to trust all requests coming locally (i.e. from > 127.0.0.1/localhost) and not require them to authentication. However all > external requests need to go through authentication. Is there a way to > configure Realms in Tomcat to accommodate this? > > > > Is there another way to achieve this, i.e. without using Realms or > missing valve/filters with Realms? > > > > -Ajay > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
