2 Replies Latest reply on Aug 7, 2018 1:03 AM by sarath gadde

    Restrict access to specific webpages for requests coming from specific IP addresses

    Nitin Jain Newbie



      I would like to configure WildFly such that it allows requests coming from a certain IP address to a limited set of functionality or web pages. I am able to configure WildFly to allow or deny access to requests coming from a particular IP address; however not able to filter on the URL.


      In undertow subsystem, I have the following configuration.


      <subsystem xmlns="urn:jboss:domain:undertow:3.1">

      <buffer-cache name="default"/>

      <server name="default-server">

      <ajp-listener name="ajp" socket-binding="ajp"/>

      <http-listener name="default" socket-binding="http" redirect-socket="https"/>

      <https-listener name="https" security-realm="APP_Realm" socket-binding="https"/>

      <host name="default-host" alias="localhost">

      <location name="/" handler="welcome-content"/>

      <filter-ref name="server-header"/>

      <filter-ref name="x-powered-by-header"/>

      <filter-ref name="http-to-https" predicate="equals(%p,8180)"/>

      <filter-ref name="ip-access-rule-1"/>



      <servlet-container name="default">





      <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>



      <response-header name="server-header" header-name="Server" header-value="JBoss-EAP/7"/>

      <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>

      <expression-filter name="ip-access-rule-1" expression="path-suffix('/screens/landing/case-list') -> ip-access-control(default-allow=false, acl={' allow'})"/>

      <rewrite name="http-to-https" redirect="true" target="https://app1:8543%U"/>




      Now, I would like to configure Wildfly to only allow requests with the pattern "/screens/landing/case-list" coming from IP, rest should be blocked. Please advise.


      Best Regards,

      Nitin Jain