Chen, Junjie 324aa7d3c4 APIG UMN 20240708 version

Reviewed-by: Mützel, Andrea <andrea.muetzel@t-systems.com>
Co-authored-by: Chen, Junjie <chenjunjie@huawei.com>
Co-committed-by: Chen, Junjie <chenjunjie@huawei.com>

2024-11-05 15:25:06 +00:00

1.2 KiB

Raw Permalink Blame History

Are Client IP Addresses Verified for Access Control?

Not necessarily.

In APIG, access control is based on the value of $remote_addr. $remote_addr indicates a client IP address and is determined by the access mode. If a client accesses APIG without using any proxy, remote_addr is the client's IP address. If a client accesses APIG using a proxy, the client first accesses the proxy, and the proxy then forwards the request to APIG. In this case, remote_addr is the proxy's IP address.

Parent topic: Access Control

1.2 KiB Raw Permalink Blame History

Are Client IP Addresses Verified for Access Control?

1.2 KiB

Raw Permalink Blame History