Restricting Access To The AS Console To A Given IP Address Range Is Not Working
(Doc ID 886783.1)
Last updated on MARCH 23, 2020
Applies to:Enterprise Manager for Fusion Middleware - Version 10.1.2.0.2 to 10.1.2.3.0
Information in this document applies to any platform.
For security reasons you may want to restrict the access to the Application Server Console (AS Console) page so just client browsers from a specified Internet Protocol Address (IP address) range can connect to it.
Following the Chapter 6 - Configuration File Descriptions from the Oracle® Application Server Containers for J2EE Servlet Developer's Guide 10g Release 2 (10.1.2) to set it up the configuration is not working as expected. The restriction only works for the first IP address, but does not work for the whole range.
e.g. These are the lines you need to add to <ORACLE_HOME>/sysman/j2ee/application-deployments/em/default/orion-web.xml to restrict access to AS Console to localhost and ip1 to ip2, according to the documentation.
<ip-access ip="<ip1>" netmask="<ip>" mode="allow"/>
<host-access domain="localhost" mode="allow"/>
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document