Feature #49522

Add request patterns for IP and host name

Added by Alexander Berl about 2 years ago. Updated 2 months ago.

Status:Resolved Start date:2013-06-29
Priority:Should have Due date:
Assigned To:Alexander Berl % Done:

100%
Category:Security
Target version:-
PHP Version: Complexity:
Has patch:No

Description

A very common scenario for authentication providers and firewall setups is to check for specific IPs/IP ranges or host names.
Hence Flow should ship with RequestPatterns for those cases.

Associated revisions

Revision 91dd1765
Added by Alexander Berl 2 months ago

[FEATURE] Request patterns for host name and IP addresses

This change adds RequestPatterns for host name and IP addresses.
Host names are configurable with a simple wildcard ('*') pattern, IP
addresses use ``CIDR`` style pattern with support for both ``IPv4`` and
``IPv6`` following ``RFC4632`` and ``RFC4291``.

Examples:

Only grant access to clients with IPs from 192.168.178.0 to
192.168.178.255::

TYPO3:
    Flow:
      security:
        firewall:
          rejectAll: TRUE
          filters:
            'ip':
              patternType:  'Ip'
              patternValue: '192.168.178.0/24'
              interceptor:  'AccessGrant'

Protect an area of your application file based authentication and IP
check (only trigger authentication and entry points for clients with an
IP of ``127.0.0.1``)::

TYPO3:
    Flow:
      security:
        authentication:
          providers:
            'LocalNetworkProvider':
              provider: 'FileBasedSimpleKeyProvider'
              providerOptions:
                keyName: 'AdminKey'
                authenticateRoles: ['Acme.SomePackage:Administrator']
              requestPatterns:
                controllerObjectName: 'Acme\SomePackage\Controller\Administration\.*'
                ip: '::7F00:1'

Change-Id: I5494f0f90b563026cefda32a1763b3988316dcbf
Resolves: #49522
Releases: master, 3.0

Revision 2c1c4a32
Added by Alexander Berl 2 months ago

[FEATURE] Request patterns for host name and IP addresses

This change adds RequestPatterns for host name and IP addresses.
Host names are configurable with a simple wildcard ('*') pattern, IP
addresses use ``CIDR`` style pattern with support for both ``IPv4`` and
``IPv6`` following ``RFC4632`` and ``RFC4291``.

Examples:

Only grant access to clients with IPs from 192.168.178.0 to
192.168.178.255::

TYPO3:
    Flow:
      security:
        firewall:
          rejectAll: TRUE
          filters:
            'ip':
              patternType:  'Ip'
              patternValue: '192.168.178.0/24'
              interceptor:  'AccessGrant'

Protect an area of your application file based authentication and IP
check (only trigger authentication and entry points for clients with an
IP of ``127.0.0.1``)::

TYPO3:
    Flow:
      security:
        authentication:
          providers:
            'LocalNetworkProvider':
              provider: 'FileBasedSimpleKeyProvider'
              providerOptions:
                keyName: 'AdminKey'
                authenticateRoles: ['Acme.SomePackage:Administrator']
              requestPatterns:
                controllerObjectName: 'Acme\SomePackage\Controller\Administration\.*'
                ip: '::7F00:1'

Change-Id: I5494f0f90b563026cefda32a1763b3988316dcbf
Resolves: #49522
Releases: master, 3.0

History

#1 Updated by Gerrit Code Review about 2 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master has been pushed to the review server.
It is available at https://review.typo3.org/21737

#2 Updated by Gerrit Code Review about 2 years ago

Patch set 2 for branch master has been pushed to the review server.
It is available at https://review.typo3.org/21737

#3 Updated by Gerrit Code Review about 1 year ago

Patch set 3 for branch master of project Packages/TYPO3.Flow has been pushed to the review server.
It is available at https://review.typo3.org/21737

#4 Updated by Gerrit Code Review 6 months ago

Patch set 4 for branch master of project Packages/TYPO3.Flow has been pushed to the review server.
It is available at http://review.typo3.org/21737

#5 Updated by Gerrit Code Review 2 months ago

Patch set 5 for branch master of project Packages/TYPO3.Flow has been pushed to the review server.
It is available at http://review.typo3.org/21737

#6 Updated by Gerrit Code Review 2 months ago

Patch set 6 for branch master of project Packages/TYPO3.Flow has been pushed to the review server.
It is available at http://review.typo3.org/21737

#7 Updated by Gerrit Code Review 2 months ago

Patch set 7 for branch master of project Packages/TYPO3.Flow has been pushed to the review server.
It is available at http://review.typo3.org/21737

#8 Updated by Gerrit Code Review 2 months ago

Patch set 8 for branch master of project Packages/TYPO3.Flow has been pushed to the review server.
It is available at http://review.typo3.org/21737

#9 Updated by Gerrit Code Review 2 months ago

Patch set 9 for branch master of project Packages/TYPO3.Flow has been pushed to the review server.
It is available at http://review.typo3.org/21737

#10 Updated by Gerrit Code Review 2 months ago

Patch set 1 for branch 3.0 of project Packages/TYPO3.Flow has been pushed to the review server.
It is available at http://review.typo3.org/39858

#11 Updated by Alexander Berl 2 months ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100

Also available in: Atom PDF