Hi Lon!

What about using the container features for this? If you are using Tomcat you 
could add a RemoteAdressValve 

<Valve className="org.apache.catalina.valves.RemoteAddrValve"

The allow attribute needs a regular expression with the ip adresses from your 
whitelist. In the example only requests from localhost are accepted.


-----Urspr√ľngliche Nachricht-----
Von: Lon Varscsak [mailto:lon.varsc...@gmail.com] 
Gesendet: Dienstag, 10. April 2018 22:49
An: users@wicket.apache.org
Betreff: IP Authentication

I have a need to build some apps (or mount points) to check if the source is 
coming from an internal IP and if not, present the user with an "unauthorized" 
request.  I know how to check client IP and what not, but I'm not sure how to 
generate programmatically a simple WebResponse that is just some text with a 
status code.

1) I'm currently using IRequestCycleListener to listen and then hijack the 
response.  Not sure if this is the appropriate place.
2) How do you programmatically generate a response without implementing all the 
methods of WebResponse.  At the point that the IRequestCycleListener the 
response that is in the cycle already has content.  Basically I want to throw 
that away and return "Unauthorized"/401.

Any thoughts or suggestions?



To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org

Reply via email to