IP Whitelist
IP Whitelist policy allows a list or range of IP addresses to access and interacts with a configured API endpoint.
To Start with we will create an mule application and connect it with API manager – please see how we can connect the mulesoft application to API Manager
After deployment in Cloudhub the API manager configuration will come as Active
Now we will apply the IP Whitelist policy
Select IP Whitelist
Now update the policy configuration
IP expression – this is the expression from where the policy will source the IP address from incoming request
So here also we have two way of capturing incoming request’s IP address
- The API is behind the Dedicated Load Balancer (DLB) or Shared Load Balancer (SLB)
We use attributes.headers[‘X-Forwarded-For’] as this will hold the actual originator IP address. This is populated by the proxy services or load balancer when they route it to actual target
- The request hits the worker of the API directly
We use attributes.remoteAddress as this will host the Client IP address
In case of above scenario attributes.remoteAddress will hold the IP address of the Proxy server or Load balancer
Whitelist
This can be your IP address or IP range you wish to whilelist
Now if I look for my IP address then it’s come out to be
i
Let’s update the IP Whitelist configuration
#[attributes.headers[‘X-Forwarded-For’]] for IP expression and My IP address as Whitelist IP
Click apply
Now if I hit this API then I’ll get
From another System
To understand the attributes.headers[‘X-Forwarded-For’] and attributes.remoteAddress better then we will add the log for these two attributes value
Now if we look into the Cloudhub logs
/18.219.185.76:18162 and /13.59.208.11:28936 are both remoteAddress whereas 106.210.75.203 is X-Forwarded-For or Originator address
As we are using Cloudhub shared load balancer so that’s why remoteAddress is changing as per forwarding Load balancer
Sample mule application – sample-rest-service-ip-blacklist
SOAP UI application – sample-rest-service-ip-blacklist-soapui-project