1

My web application has security configuration in web.xml. It runs on Wildfly and uses ActiveDirectory for sign-on.

I want some ipaddress to bypass this security constraints. Is it possible?

For instance any request from 100.35.6.124 and 100.35.6.122 will bypass the login.

<security-constraint>
    <web-resource-collection>
        <web-resource-name>Unauthenticated Resources</web-resource-name>
        <url-pattern>/version</url-pattern>
    </web-resource-collection>
</security-constraint>

<security-constraint>
    <web-resource-collection>
        <web-resource-name>All Resources</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>*</role-name>
    </auth-constraint>
</security-constraint>  

<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>ActiveDirectoryRealm</realm-name>
    <form-login-config>
        <form-login-page>/login.html</form-login-page>
        <form-error-page>/login.html</form-error-page>
    </form-login-config>
</login-config>

<security-role>
    <role-name>*</role-name>
</security-role>
Chris
  • 199
  • 2
  • 13

0 Answers0