Jetty webapp: How to restrict access to /admin to internal IPs?

StackOverflow https://stackoverflow.com/questions/20389439

Question

We have a web app deployed using embedded Jetty 8.1.10 and Jersey 1.17.1. Now we are required to only allow internal IP addresses to access /admin section, i.e. URLs with /admin segment.

What is the best way to do this with Jetty/Jersey configuration?

Thanks,

Alec

Was it helpful?

Solution

The simplest way to achieve it is to implement a standard servlet filter (javax.servlet.Filter) and register it in your web.xml

In the doFilter method you get an object representing the request from which you can obtain source IP and path information.

public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest httpRequest = (HttpServletRequest) request;
    String ipAddress = httpRequest.getRemoteAddr();
    String path = httpRequest.getPathInfo();

    // do the filtering based on ipAddress and path

    // pass the request along the filter chain
    chain.doFilter(request, response);
}
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top