I need to add my own filter to the REST app, since I do not want anyone other than the clients that I need to access it. The clients will be servers themselves, which I could configure to check if the request is coming in from one of the configured sources (clients) and reject the requests not from them.
Also one our server requires client auth using certificates, but then using a REST client I need to provide a key store, cert, etc.
I want to avoid this by using another connector in tomcat for SSL and filter the client based on the request ip ?
Regards
Nirmal
