Armbruster IT Blog » tip http://blog.armbruster-it.de Real world fun with Java, Grails, Groovy, Zope, Plone, Linux and much others. Tue, 11 Oct 2011 11:42:29 +0000 en hourly 1 http://wordpress.org/?v=3.2.1 restrict a Grails controller to localhost access only http://blog.armbruster-it.de/2010/04/restrict-a-grails-controller-to-localhost-access-only/ http://blog.armbruster-it.de/2010/04/restrict-a-grails-controller-to-localhost-access-only/#comments Mon, 19 Apr 2010 13:47:38 +0000 Stefan Armbruster http://blog.armbruster-it.de/?p=137 A common requirement for many web applications is that some parts (aka controllers) should only be accessible from specifc ip addresses. Typically controllers doing some administrative or maintenance work must be protected from non-authroized access. The most complete solution for this is using a full blown security framework like the Grails Acegi plugin. But there’s also a lean and quick solution for this in Grails: use a controller interceptor:

def beforeInterceptor = { if (!["127.0.0.1", "0:0:0:0:0:0:0:1"].contains(request.remoteAddr)) { render(status: 401, text: 'Access limited to localhost') return false } }
raw download
def beforeInterceptor = {
   if (!["127.0.0.1", "0:0:0:0:0:0:0:1"].contains(request.remoteAddr)) {
      render(status: 401, text: 'Access limited to localhost')
      return false
   }
}

Grails calls the beforeIntereceptor closure prior every action in a controller. Only if it returns true, the action is executed. In the code above if the client has a non-local IP address, a 401 error is returned with an error message. Note that localhost in IPv6 is 0:0:0:0:0:0:0:1, so it work both in IPv4 and IPv6 networks.

]]> http://blog.armbruster-it.de/2010/04/restrict-a-grails-controller-to-localhost-access-only/feed/ 3