如果你使用的是servlet，你可以添加过滤器并分析客户端IP地址（请参阅这个问题）。

请注意，无法保证您将以任何方式确定正确的地址。

更好方法是将此方法与某种身份验证（用户/密码，客户端证书等）相结合。

如果可能，单独的应用程序也会更好。这样，您可以简化部署过程（在不同端口中运行的应用程序等）并使其更容易扩展，因为您的管理和常规应用程序负载，安全性，可用性等很可能具有不同的要求。 / p>

I have application running on Internet which contains some admin module also. I don't want to let the user access my admin module on Internet. I want that request coming from intranet can access admin module. Is there any way to control this without developing a new application which serves admin component?

If you are using servlets, you could add a filter and analyze the client IP address (see this question).
Be aware that there is no guarantee you will determine the correct address by any means.
A better approach would be combining this approach with some sort of authentication (user/password, client certificate, etc).

If possible, a separate application would also be better. This way you can simplify your deployment process (application running in a different port, etc) and make it easier to scale, since it is very likely that your administration and your regular application load, security, availability, etc, have different requirements.