Hi all,

I know it's a big potential security hole but my question is:

Would it be possible to automagically map all http request coming from localhost to a special principal? I tought about a custom RunAsManager but I can't figure out where to get the information where the request came from.
Subject for this construct is a simple webapp secured by spring security.
Any hints on how this could be achieved are highly welcome!

Regards,

Pelle