Portus Version 2018-08-24     PDF BOOKS   |   HOME   UP   PREV   NEXT
 

Securing your server to IP address or hostname

This section will outline how to secure the Portus Web Services to a specific IP address/hostname.

All examples have been enclosed in <IfModule> directives. This means that the security directives will be ignored automatically if the Apache web server does not have Portus enabled.

Example 1

This example will show how to allow a request to the configuration service from only the local machine. This is local to where the Portus server is running, not where the Eclipse IDE is running (if different).

  1. Edit the Portus Apache configuration file.

  2. Enter the following directives

    <IfModule mod_xmiddle.c>
  <Location /configurationService>
      Allow from 127.0.0.1
      Deny from all
  </Location>
</IfModule>
  3. Restart the server

This would only allow access to the configuration web service from the local machine. All remote clients would be denied access.

Example 2

Only allow a remote machine to configure the Portus server.

  1. Edit the Portus Apache configuration file

  2. Enter the following directives

    <IfModule mod_xmiddle.c>
    <Location /configurationService>
        Allow from adminHost
        Deny from all
    </Location>
</IfModule>
  3. Restart the server

mple would only allow the machines adminHost to configure the Portus server. All others machines would be rejected access.

Example 3

  1. Edit the Portus Apache configuration file

  2. Enter the following directives

    <IfModule mod_xmiddle.c>
    <Location /configurationService>
        <Limit POST>
            Allow from adminHost
            Deny from all
        </Limit>
    </Location>
</IfModule>
  3. Restart the server

This would allow the machine adminHost to access the configuration, but would allow any client to access the configuration service WSDL.

Example 4

  1. Edit the Portus Apache configuration file

  2. Enter the following directives

    <IfModule mod_xmiddle.c>
    <Location /adabas_Employees>
        Allow from 127.0.0.1
        Deny from all
    </Location>
</IfModule>
  3. Restart the server

All remote access to the “adabas_Employees” resource would be denied. Note: This example will restrict access to the “adabas_Employees” service, not the XRD import or export. XRD import/export operations are provided by the configuration Web Service, to secure these operations see examples 1, 2 and 3.

Example 5

  1. Edit the Portus Apache configuration file

  2. Enter the following directives

    <IfModule mod_xmiddle.c>
    <Location /resourceService>
         Allow from 127.0.0.1
         Deny from all
    </Location>
</IfModule>
  3. Restart the server

All remote access to the “resourceService” resource would be denied.


Ostia
www.ostiasolutions.com 		Copyright @ 2006-2018 Ostia Software Solutions Limited.