implement match filter for direct authentication

3bc8c7ac · michael.simon · a83ba099 · 3bc8c7ac
Commit 3bc8c7ac authored Apr 06, 2016 by michael.simon
--- a/bwreg-webapp/src/main/java/edu/kit/scc/webreg/sec/SecurityFilter.java
+++ b/bwreg-webapp/src/main/java/edu/kit/scc/webreg/sec/SecurityFilter.java
@@ -215,10 +215,13 @@ public class SecurityFilter implements Filter {
 			response.sendError( HttpServletResponse.SC_NOT_ACCEPTABLE );
 			return;
 		}
+
 		String directAuthAllow = appConfig.getConfigValue("direct_auth_allow");
-		/*
-		 * need to implement subnet matching here
-		 */
+		if (! request.getRemoteAddr().matches(directAuthAllow)) {
+			logger.info("Denying direct-auth from {}. Does not match.", request.getRemoteAddr());
+			response.sendError( HttpServletResponse.SC_NOT_ACCEPTABLE );
+			return;
+		}
 		
 	    String auth = request.getHeader("Authorization");
 	    if (auth != null) {