It is not too clear to me what you mean, but - you can, in your web server config or script, differentiate between requests coming in through the loopback or external interfaces. If you need a username as parameter, you have no way without authentication, since http requests are by default anonymous. Only after requesting authentication (e.g. sending back a 401 status code and an Authentication line, the client will send a username embodied in the next GET or POST request.
You could use Kerberos to handle that transparently.
--shmem
_($_=" "x(1<<5)."?\n".q·/)Oo. G°\ /
/\_¯/(q /
---------------------------- \__(m.====·.(_("always off the crowd"))."·
");sub _{s./.($e="'Itrs `mnsgdq Gdbj O`qkdq")=~y/"-y/#-z/;$e.e && print}
In reply to Re: Limiting access to a local web application
by shmem
in thread Limiting access to a local web application
by akho
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |