如果您只想允许几个IP地址,而不允许其他人使用,则您需要Remote Address Filter
Valve。
如果希望来自未知IP地址的客户端看到基本的登录对话框,并且可以自定义登录,则可以登录
Valve。在源
RemoteAddrValve(和它的父类
RequestFilterValve是出发点良好的。看看我以前的答案太。
无论如何,下面是概念证明代码。如果客户端来自受信任的IP
Principal,
Request则会填入,因此登录模块将不会要求输入密码。否则它不会碰到
Request对象,并且用户可以照常登录。
import java.io.IOException;import java.security.Principal;import java.util.ArrayList;import java.util.List;import javax.servlet.ServletException;import org.apache.catalina.connector.Request;import org.apache.catalina.connector.Response;import org.apache.catalina.realm.GenericPrincipal;import org.apache.catalina.valves.Valvebase;public class AutoLoginValve extends Valvebase { private String trustedIpAddress; public AutoLoginValve() { } @Override public void invoke(final Request request, final Response response) throws IOException, ServletException { final String remoteAddr = request.getRemoteAddr(); final boolean isTrustedIp = remoteAddr.equals(trustedIpAddress); System.out.println("remoteAddr: " + remoteAddr + ", trusted ip: " + trustedIpAddress + ", isTrustedIp: " + isTrustedIp); if (isTrustedIp) { final String username = "myTrusedUser"; final String credentials = "credentials"; final List<String> roles = new ArrayList<String>(); roles.add("user"); roles.add("admin"); final Principal principal = new GenericPrincipal(username, credentials, roles); request.setUserPrincipal(principal); } getNext().invoke(request, response); } public void setTrustedIpAddress(final String trustedIpAddress) { System.out.println("setTrusedIpAddress " + trustedIpAddress); this.trustedIpAddress = trustedIpAddress; }}还有一个配置示例
server.xml:
<Valve className="autologinvalve.AutoLoginValve" trustedIpAddress="127.0.0.1" />
