{"id":7929,"date":"2012-09-24T11:30:22","date_gmt":"2012-09-24T06:00:22","guid":{"rendered":"http:\/\/www.tothenew.com\/blog\/?p=7929"},"modified":"2012-09-24T11:30:22","modified_gmt":"2012-09-24T06:00:22","slug":"spring-security-ip-restrictions-in-grails","status":"publish","type":"post","link":"https:\/\/www.tothenew.com\/blog\/spring-security-ip-restrictions-in-grails\/","title":{"rendered":"Spring Security IP Restrictions in Grails"},"content":{"rendered":"<p>Spring security provides \u00a0various methods to ensure that users are getting access to only those parts of application for which they are authorized. one such feature is IP address restriction, which allows mapping URIs to certain IP address(es) so that these URIS are only accessible from these IP address. \u00a0These restrictions can be specified in config as &#8211;<br \/>\n[java]<br \/>\ngrails.plugins.springsecurity.ipRestrictions = [<br \/>\n&#8216;\/admin\/**&#8217;: &#8216;192.168.1.0\/24&#8217;,                     \/\/allow access  to admin pages only from LAN<br \/>\n]<br \/>\n[\/java]<\/p>\n<p>also, these restriction mappings can be changed at run time by using the &#8220;ipAddressFilter&#8221; bean. for example &#8211;<br \/>\n[java]<br \/>\n def ipAddressFilter \/\/bean injected to change restriction mappings dynamically.<\/p>\n<p>\/\/change restrction mappings, note that it will overwrite all previous mappings with one defined here.<br \/>\n    def allowAdminAccess() {<br \/>\n        Map ipRestrictionMap= [&#8216;\/admin\/**&#8217;: request.getRemoteAddr()]<br \/>\n        ipAddressFilter.setIpRestrictions(ipRestrictionMap);<br \/>\n}<br \/>\n[\/java]<br \/>\none can also obtain the current set of restrictions applied on a specific URI as follows &#8211;<br \/>\n[java]<br \/>\nMap restrictionsForAdminPages=ipAddressFilter.findMatchingRules(&quot;\/admin\/**&quot;)<br \/>\n[\/java]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Spring security provides \u00a0various methods to ensure that users are getting access to only those parts of application for which they are authorized. one such feature is IP address restriction, which allows mapping URIs to certain IP address(es) so that these URIS are only accessible from these IP address. \u00a0These restrictions can be specified in [&hellip;]<\/p>\n","protected":false},"author":43,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":13},"categories":[7],"tags":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts\/7929"}],"collection":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/users\/43"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/comments?post=7929"}],"version-history":[{"count":0,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/posts\/7929\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/media?parent=7929"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/categories?post=7929"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tothenew.com\/blog\/wp-json\/wp\/v2\/tags?post=7929"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}