White-listing an ip in spring project

Question

I have a simple java application with login. It has a SecurityConfig class which extends WebSecurityConfigurerAdapter. And I have implemented couple of methods there

void configure(WebSecurity web)
void configure(HttpSecurity http)

In the configure(WebSecurity web) method, i'm ignoring authentication for certain URL's

public void configure(WebSecurity web) throws Exception {
    web
    .ignoring()
            .antMatchers(HttpMethod.POST, "/examplePattern");
}

I have some service endpoints in this project.Now I need to white-list a certain ip (which I have as a string array), which should be able to access only a specific endpoint. This is because all the calls to the endpoints go through the user login authentication.

Basically what I need is, if a certain endpoint is called from a specific IP, the request should reach the controller,without authenticating

I'm quite new to this area, so if you have a solution for this problem, please let me know.

Thanks in advance

Answer 1

You will require IP address based authentication provider as follows :

@Service 
public class IPAddressBasedAuthenticationProvider implements AuthenticationProvider {


     @Autowired
     private HttpServletRequest request;

     @Override
     public Authentication authenticate(Authentication authentication) throws AuthenticationException {

         String ipAddress = request.getRemoteAddr();
         // Check against your array.
         //return created authentication object (if user provided valid credentials)
    }
}

I hope this helps.