In our portal, we are using roles to restrict navigation. However, we now have a need to further restrict the navigations by which IP address the user is coming in from. For instance, if the user is logging in from 10.x.x.x, then allow them to see everything. If they are logging in from some other IP address, then hide navigating to certain roles; like SRM - Go Shopping. This would be very useful in a kiosk situation where the kiosks have static IP addresses and we only want users to access ESS from the kiosk, and not the SRM roles.