When using the native client which uses SSH for authentication one can use it's mechanism to restrict who can login based on from where using the 'AllowedUsers' in SSHD configuration. This is not possible with ThinLinc Web Access client.
One possible solution could be using pam.rhosts pam module and /etc/hosts.equiv configuration for restricting access. However Web Access does not setup the required 'rhost' and 'ruser' when running pamtester for authentication.
*** This bug has been marked as a duplicate of bug 6346 ***