Commit 3bc8c7ac authored by michael.simon's avatar michael.simon
Browse files

implement match filter for direct authentication

parent a83ba099
......@@ -215,10 +215,13 @@ public class SecurityFilter implements Filter {
response.sendError( HttpServletResponse.SC_NOT_ACCEPTABLE );
return;
}
String directAuthAllow = appConfig.getConfigValue("direct_auth_allow");
/*
* need to implement subnet matching here
*/
if (! request.getRemoteAddr().matches(directAuthAllow)) {
logger.info("Denying direct-auth from {}. Does not match.", request.getRemoteAddr());
response.sendError( HttpServletResponse.SC_NOT_ACCEPTABLE );
return;
}
String auth = request.getHeader("Authorization");
if (auth != null) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment