I needed a way to restrict administration operations on a HTTP-based system; it has to be out-of-the-box configuration (the user can then make changes). The solution was to limit access to localhost.
- LocalhostFilter for HTTP requests - request must come from localhost (IPV4 or IPv6). Unlike HostFilter, this is specifically localhost.
- AuthorizationFilter403 for HTTP requests - if denied, give a 403 response.
- DenyFilter - deny, always (for testing).
Tested with Jetty.
Taken from https://svn.apache.org/repos/asf/jena/branches/jena-fuseki-new-ui/src/main/java/org/apache/jena/fuseki/authz/. This location should to (probably) https://svn.apache.org/repos/asf/jena/trunk/jena-fuseki/src/main/java/org/apache/jena/fuseki/authz/ at some point in the future.