I have a REST web service using spring MVC which is external-facing.
I would like to restrict access to some REST calls for admin usage and for other servers on the same internal network to call.
So far I can think of the following solutions:
1. Use Spring Security to restrict a mapping to a subnet using “hasIpAddress” access
2. Separate the sensitive REST calls into their own controller and write an AOP pointcut which reads the HttpServletRequest for the IP address and checks it against a whitelist
I’m not fond of either solution. (1) doesn’t give me enough flexibility; I may be on several subnets, and may only want to open up an IP range. (2) gives me nearly exactly what I want, but it seems hacky; there must be a better way to do this.
(2) Why do you not want to use the “standard” annotations like @PreAuthorize? You can put them on the methods, so you do not need to move the sensitive REST methods to another controller.
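An added example, not from the question or the comment above, of what the method-level approach can look like: since Spring Security's `hasIpAddress` expression is defined on the web (URL) expression root and not on the method-security one, this puts the range check in a small bean built on `IpAddressMatcher` and references it from `@PreAuthorize`, so several subnets can be listed without moving the method to another controller. The bean name `internalNet`, the method `allowsCurrentRequest`, the sample ranges and the endpoint path are assumptions.

```java
import java.util.Arrays;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.web.util.matcher.IpAddressMatcher;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

// Turns on @PreAuthorize evaluation for controller methods.
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
class MethodSecurityConfig {
}

// Holds the allowed ranges; any mix of CIDR blocks and single addresses.
// The bean name "internalNet" is what the SpEL expression below refers to.
@Component("internalNet")
class InternalNetwork {
    // Constructed sample ranges (assumption); substitute the real internal ranges.
    private final List<IpAddressMatcher> ranges = Arrays.asList(
            new IpAddressMatcher("10.20.0.0/16"),
            new IpAddressMatcher("192.168.10.0/24"),
            new IpAddressMatcher("127.0.0.1"));

    public boolean allowsCurrentRequest() {
        HttpServletRequest request = ((ServletRequestAttributes)
                RequestContextHolder.currentRequestAttributes()).getRequest();
        // getRemoteAddr() is the TCP peer. Behind a reverse proxy that is the
        // proxy's address, so X-Forwarded-For must first be resolved by a filter
        // you trust (e.g. ForwardedHeaderFilter) for this check to be meaningful.
        String ip = request.getRemoteAddr();
        return ranges.stream().anyMatch(m -> m.matches(ip));
    }
}

@RestController
class AdminController {
    // Lives alongside the public endpoints; the annotation alone limits this
    // method to callers from the listed ranges (403 for everyone else).
    @PreAuthorize("@internalNet.allowsCurrentRequest()")
    @PostMapping("/admin/reindex")
    public String reindex() {
        return "reindex started";
    }
}
```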