Spring Security IP Restrictions in Grails

24 / Sep / 2012 by Prakash Balodi 0 comments

Spring security provides  various methods to ensure that users are getting access to only those parts of application for which they are authorized. one such feature is IP address restriction, which allows mapping URIs to certain IP address(es) so that these URIS are only accessible from these IP address.  These restrictions can be specified in config as –

grails.plugins.springsecurity.ipRestrictions = [
'/admin/**': '192.168.1.0/24',                     //allow access  to admin pages only from LAN
]

also, these restriction mappings can be changed at run time by using the “ipAddressFilter” bean. for example –

 def ipAddressFilter //bean injected to change restriction mappings dynamically.

//change restrction mappings, note that it will overwrite all previous mappings with one defined here.
    def allowAdminAccess() {
        Map ipRestrictionMap= ['/admin/**': request.getRemoteAddr()]
        ipAddressFilter.setIpRestrictions(ipRestrictionMap);
}

one can also obtain the current set of restrictions applied on a specific URI as follows –

Map restrictionsForAdminPages=ipAddressFilter.findMatchingRules("/admin/**")

Tag -

FOUND THIS USEFUL? SHARE IT

Leave a comment -