ABP Framework version: v5.1.3 UI type: MVC / Blazor Server DB provider: EF Core Tiered (MVC) or Identity Server Separated (Angular): Blazor Server Microservices
Hi,
Where is the best place to inject an IP Address authorization check in the stack when using a Blazor Web Server App in Microservices? Please could you point us in the right direction?
IP restrictions are at a Tenant Level so the user would have to Authenticate and then have their IP checked against a whitelist in their Tenant. Or we resolve the Tenant first and check the IP Address whitelist and if passed allow the user authentication to proceed.
I have also looked at https://docs.microsoft.com/en-us/aspnet/core/security/ip-safelist?view=aspnetcore-6.0 and https://www.blogofpi.com/restrict-ip-address-in-asp-net-web-api/
We just can't quite find out where to inject it in the APB solution.
Thanks
Toby.
2 Answer(s)
-
0
If you don't want to grant authentication at all to a black-listed IP list (or vice versa), you can do it while signing by customizing SignIn Manager at AuthServer. If you want to check the authorization of an IP to reach a resource, you can add policy authorization to the related service.
-
0
Thanks for the pointer we were able to get this working by using the Sign In Manager
