Customer want limit access to his applications based on client IP.
We have suggested IP limits feature on Domain and partnership level, but he want avoid that login page will be opened.
Then we try to use rewrite rules, but it does not works as we expected.
We have load rewrite module
LoadModule rewrite_module modules/mod_rewrite.so
Enable Rewrite module trace
LogLevel warn rewrite:trace3
Enable Rewrite engine
RewriteEngine On
Define Rewrite condition and rule
RewriteCond %{REMOTE_ADDR} ^192\.168\.80\.1$
RewriteRule ^ https://sps01.cmdom.ca/affwebservices/public/notauthorized.html [L,R=301]
Example should exclude access from my fisical PC to my SPS VM, but result is very strange.
Since I have enabled access on both ports 80 and 443, when I try to access on port 80 I'm redirected to defined notauthorized page.
But when I tray to access on 443 (https) redirection does not happen.
in my test I have used followed links:
http://sps01.cmdom.ca/affwebservices/public/saml2sso?SPID=SP_WORKDAY
I have been redirected to "not authorization" page
https://sps01.cmdom.ca/affwebservices/public/saml2sso?SPID=SP_WORKDAY
I have continued with navigation.
Obviously when RewriteRules are not in place I continue with navigation in both cases.
Any Idea how to done this task?
Thank you
Camil