Hi all

Scott Dunbar wrote in a news posting in
weblogic.developer.interest.jsp (see
http://groups.google.ch/groups?hl=de...0805%40bea.com)
last year:

> As far as remembering the IP goes WLS could store the IP address and
> only allow access from the same IP. However, this is very likely to
> cause problems. If the client is coming from something that could
> provide a different IP address such as a load balancer or if you have
> many users behind a firewall with a NAT layer you could incorrectly
> allow or deny access.


We currently have the situation in an intranet project with a customer
using WLS 8.1 with Web Services and VB clients.

We would like to use persistent Cookies to allow users to call the Web
Services repeatedly without having to reauthenticate all the time.

Of course we will use SSL to secure the traffic between the clients
and WLS, but nevertheless we need to store the cookie at the client to
enable the "automatic reauthentication" aforementioned. Because of the
intranet situation we live in we think that there should be no
problems because of any network equipment we dont know of.

Is there any possibility to configure WLS to check the IP address of
the client presenting the cookie as described in the cited posting?

Thanks a lot for your assistance.

Regards,
Daniel