Open Closed

Restricting IP Address to Blazor Web Server App in Microservices Template #2592


User avatar
0
thedatacrew created

ABP Framework version: v5.1.3 UI type: MVC / Blazor Server DB provider: EF Core Tiered (MVC) or Identity Server Separated (Angular): Blazor Server Microservices

Hi,

Where is the best place to inject an IP Address authorization check in the stack when using a Blazor Web Server App in Microservices? Please could you point us in the right direction?

IP restrictions are at a Tenant Level so the user would have to Authenticate and then have their IP checked against a whitelist in their Tenant. Or we resolve the Tenant first and check the IP Address whitelist and if passed allow the user authentication to proceed.

I have also looked at https://docs.microsoft.com/en-us/aspnet/core/security/ip-safelist?view=aspnetcore-6.0 and https://www.blogofpi.com/restrict-ip-address-in-asp-net-web-api/

We just can't quite find out where to inject it in the APB solution.

Thanks

Toby.


2 Answer(s)
  • User Avatar
    0
    gterdem created
    Senior .NET Developer

    If you don't want to grant authentication at all to a black-listed IP list (or vice versa), you can do it while signing by customizing SignIn Manager at AuthServer. If you want to check the authorization of an IP to reach a resource, you can add policy authorization to the related service.

  • User Avatar
    0
    thedatacrew created

    Thanks for the pointer we were able to get this working by using the Sign In Manager

Made with ❤️ on ABP v9.1.0-preview. Updated on November 11, 2024, 11:11