HI, I have a question on Anonymous user,
in the Administration --> Users I have created the Anonymous user, the field “Permitted IP Mask” into user configuration it’s only for the app login or it’s valid also for anonymous user access (so to view one page without login)?
thanks to all
Hi,
it’s only for the app login or it’s valid also for anonymous user access
It’s being checked only on login (not valid for anonymous user)
Hi Vlad,
ok thanks for the reply, do you know if there’s a way to check the IP address for the anonymous user?
If you have only one page, you can implement the check right in the screen controller.
If you want to make it global, then, for example, you can override AnonymousAuthenticationProvider
, note that it will affect login page also.
1 Like
Thanks @Vlad,
I implement the check in screen controller:
@Subscribe
public void onBeforeShow(BeforeShowEvent event) throws Exception {
RequestContext requestContext = RequestContext.get();
HttpServletRequest request = requestContext.getRequest();
if(!request.getRemoteAddr().equalsIgnoreCase({ipAddress})){
throw new Exception("****IP Address not valid: " + request.getRemoteAddr() + " ****");
}
}
Hi @minaev
when the user anonymous failed the IP address check, it’s possible redirect the user on a custom screen instead on the login page?
thanks
Yes, just use OpenMode.ROOT
:
@Inject
private Screens screens;
...
screens.create(OtherScreen.class, OpenMode.ROOT).show();