0 Replies Latest reply on Aug 25, 2017 11:07 AM by sukesh r

    How to restrict IP access In JBoss EAP 7 using whitelisting

    sukesh r Newbie

      Hi,

       

      Is there a way to restrict ip access using whitelisting of ip's in JBoss EAP 7 domain mode. The current settings I have made in domain.xml works fine, the settings has the ips in it.

       

      Instead of adding ip's in domain.xml, is there a way to whiltelist all of the ip's and access it ..?

       

      <subsystem xmlns="urn:jboss:domain:undertow:3.1">
        <buffer-cache name="default"/>
        <server name="default-server">
        <ajp-listener name="ajp" socket-binding="ajp" redirect-socket="https-lb"/>
        <http-listener name="default" record-request-start-time="true" socket-binding="http" redirect-socket="https"/>
        <host name="default-host" alias="localhost">
        <location name="/" handler="welcome-content"/>
        <filter-ref name="server-header"/>
        <filter-ref name="x-powered-by-header"/>
        <filter-ref name="ipAccess"/> <!-- added -->
        </host>
        </server>
        <servlet-container name="default">
        <jsp-config/>
        <websockets/>
        </servlet-container>
        <handlers>
        <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
        </handlers>
        <filters>
        <response-header name="server-header" header-name="Server" header-value="JBoss-EAP/7"/>
        <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
        <expression-filter name="ipAccess" expression="path-prefix[/appcontext] -> ip-access-control[default-allow=false, acl={'127.0.0.1 allow', '127.0.0.2 allow'}]"/> <!-- added -->
        </filters>
        </subsystem>