on 11-29-2021 2:01 PM
Hi there,
can anyone provide me with information about IP White-/Blacklisting in SAPUI5 applications running on the SAP BTP platform? Apart from the access mechanisms like e.g. SAML2.0 Access Protocol for login, how can you prevent e.g. someone from North Korea to even make a call to your application (by blocking an IP range)?
Thank you.
Regards,
Andreas
Generally, you don`t. At least BTP does not provide you any means define your own IP allow and deny lists. Apart from the SAML2 authentication options e.g. via IAS. It kind of boils down to your use case.
If you are worried about export control and sanctions compliance, then that is some thing SAP is taking care of. See this statement: https://www.sap.com/about/agreements/export-statements.html
If you are worried out of security concerns, then maybe reconsider this IP filter thingy because is does not get you any additional security from attackers. Even script kiddies know how to handle attacks via a proxy or privacy VPN and would render your IP filter mute.
If you are trying to limit access to corporate users, then the SAML2 limitation seems fairly ok?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
74 | |
9 | |
8 | |
7 | |
6 | |
6 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.