Spring Security - whitelist IP range

Question

A lot of resources and stackoverflow questions that I\'ve viewed provide answers to using .xml files:

• IP filter using Spring Security

Answer 1

So with the help of @Dur, we were able to troubleshoot the issue. The issue isn't with Spring Boot (everything works fine above) but the issue is that when a user goes to the Spring App locally (localhost:8080), localhost uses an IPv6 address and the above code allows access for an IPv4 address.

You either need to change your SpringSecurityConfig file by changing the IPv4 address to a IPv6 (or whatever Tomcat defaults to) OR you can change how you access the app (by going to 127.0.0.1:8080).

Note - this is only for local testing. You'll need to test and obtain the IP addresses of the users/services that will be accessing your app.

In short, you can whitelist an IP range by using the above code without an AuthenticationManagerBuilder.