Ip authentication in Spring Security
Question
I have Spring Security 4.2.2 in my web-app and configured LDAP based authentication. In addition i also need to authenticate all users with specified ip without log-in form and set the "local_user" role for them. How can i perform that authentication scenario?
upd: I mean, that "local users" must view the same content as the users that have authorized through login form.
1 answers
solution1
1 ACCPTED 2017-05-10 14:20:27
You can do that using antMatchers like below code:
@EnableWebSecurity
@Configuration
public class BasicSecurityConfig extends WebSecurityConfigurerAdapter{
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/baseUrl/anything-else/**").hasIpAddress("ipAddressExpression")
}
}
Updated
http.authorizeRequests()
.antMatchers("/baseUrl/anything-else/**").access("hasIpAddress('ipAddressExpression') or fullyAuthenticated()");
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Spring security: Adding a new ROLE which supports authentication by IP
Spring Security : Authentication with Database
Manually Authentication Spring Security
Spring 4 Security jdbc authentication
spring security authentication not working
Spring security https authentication
Spring Security and LDAP authentication
Spring security authentication server
Spring Security jwt authentication
Authorization and Authentication with Spring Security
Related Tags