Client IP Condition

The Client IP condition allows you to use the IP address of the user making the request to determine whether the user is allowed access to a resource.

NOTE:Client IP will support IPv4 addresses and not IPv6 addresses.

Specify the following details:

Comparison: Specify how the client IP address is compared to the data in the Value field. Select either an IP comparison or a regular expression:

  • Comparison: IP: Specifies that you want the values compared as IP addresses. Select one of the following:

    • Equals: Allows you to specify an IP address that the client must match. You can specify more than one.

    • In Range: Allows you to specify a range of IP addresses that the client’s address must fall within. You can specify more than one range.

    • In Subnet: Allows you to specify the subnet that the client’s address must belong to. You can specify more than one subnet.

  • Comparison: Regular Expression: Matches: Specifies that you want the values compared as regular expressions. If you select this option, you must also specify a mode. Select one or more of the following:

    • Canonical Equivalence
    • Case Insensitive
    • Comments
    • Dot All
    • Multi-Line
    • Unicode
    • Unix Lines

    For regular expression syntax information, see the Javadoc for java.util.regex.Pattern.

Value: Select Data Entry Field and specify a value appropriate for your comparison type. Use the Edit button to access a text box where you can enter multiple values, each on a separate line. (For more information, see Edit Button.) Use the Add button to add values one at a time. For example:

Comparison Type

Value

Equals

 
10.10.10.10
10.10.10.11

In Range

 
10.10.10.10 - 10.10.10.100
10.10.20.10 - 10.10.20.100

In Subnet

 
10.10.10.12 / 22
10.10.20.30 / 22

Other values types are possible. For example, if your user store contains an LDAP attribute with the IP address of your users, you could select to compare the client’s current IP address with the stored value by using an LDAP attribute or a Liberty User Profile value.

Result on Condition Error: Specify what the condition returns when the comparison of the two values returns an error rather than the results of the comparison. Select either False or True. If you do not want the action applied when an error occurs, select False. If you want the action applied when an error occurs, select True.