Spring protection of several hasIPAddress antMatchers

Question

Spring protection of several hasIPAddress antMatchers

I have the following spring security configuration snippet:

http .authorizeRequests() .antMatchers("/tokens").hasIpAddress("10.0.0.0/16") ....

This works, but I would also like to provide access to "/tokens" from 127.0.0.1 . I was hoping something like the following would work, but it is not:

 http .authorizeRequests() .antMatchers("/tokens").hasIpAddress("10.0.0.0/16").hasIpAddress("127.0.0.1/32") ....

+12

spring spring-security

Marcf Feb 03 '15 at 15:49

source share

2 answers

Try setting this configuration in a spring security configuration file like this

 <http auto-config="true" use-expressions="true"> <intercept-url pattern="/tokens**" access="hasIpAddress('10.0.0.0/16') or hasIpAddress('127.0.0.1/32')" /> </http>

+4

aimadbk Mar 20 '15 at 11:06

source share

Milanka · Accepted Answer · 2015-03-26T09:29:35+0000

 http .authorizeRequests() .antMatchers("/tokens").access( "hasIpAddress('10.0.0.0/16') or hasIpAddress('127.0.0.1/32')") ....

Spring protection of several hasIPAddress antMatchers

More articles: