Layer7 API Management

Hello,

Wondering if someone could provide some guidance.  I'd like to put restrictions in place on for particular URL patterns.  For example, I'd like to allow access to /api/administration for internal traffic, but disallow it for external traffic.  Any hints or examples on how to pull this off?

Thanks,

Alejandro

Hi Alejandro,

You will have to identify what is the difference between internal and external traffic. 

For example: All ip's that start with 10.20.51.x belong to internal and therefore allow access to API's. Any other hosts with other ip's, requesting for access, are not allowed.

This can be achieved by the variable ${request.tcp.remoteip}. This variable returns the ip address of the requester. You can build your logic accordingly. 

Hope this helps.

Regards

Seenu Mathew

sorry to ask, but to which CA product does that question (am its answer) apply ? thanks, Veronique

Hi Veronique,

This post is in the CA API Management (formerly Layer7) community. 

I see why you have this question Veronique. I moved internally in CA from supporting CA Performance Management/eHealth to CA API Management and you are following me in the communities. 

Regards

Seenu Mathew

Hi acalbazana,

To add a bit on to the response from Seenu, you can use the variable ${request.http.uri} to obtain the URI portion and make decisions based on this.

I.e:

If URI = /api/administration
AND
IP Address is within the internal network
THEN
Allow access

To accomplish this you can use a combination of the compare expression assertion and the Allow access to IP range assertion

More details on these assertions can be found in our documentation, CA API Gateway Home - CA API Gateway - 9.1 - CA Technologies Documentation 

Regards,

Joe

Hi acalbazana,

Does Joe's response answer your question?

Regards

Seenu Mathew