Apama 10.11.3 | Connecting Apama Applications to External Components | Working with IAF Plug-ins | Using the IAF | The IAF runtime | Using the Apama component extended configuration file | Ensuring that client connections are from particular addresses
 
Ensuring that client connections are from particular addresses
To ensure that client connections are from particular addresses, add one or more AllowClient entries to the extended configuration file in the [Server] section. For example:
[Server]
AllowClient=127.0.0.1
AllowClient=192.168.128.0/17
An AllowClient entry takes an IP address, as in the first example above, or a CIDR (Classless Inter-Domain Routing) address range, as in the second example above. With these example entries in the extended configuration file, the Apama components allow connections from either the localhost (127.0.0.1) or IP addresses where the first 17 bits match the first 17 bits of 192.168.128.0. The Apama components do not accept connections from any other IP addresses.
If you specify an extended configuration file when you start the correlator, and if there are any AllowClient entries in the extended configuration file, then the Apama components do not allow connections from any IP address that does not fall within one of the AllowClient ranges specified. If you do not specify an extended configuration file when you start the correlator, or there are no AllowClient entries in an extended configuration file that you do specify, the Apama components accept connections from any client.
Important:
This feature is intended to prevent mistakenly connecting to the wrong server. It is not intended to prevent malicious intruders since it provides no protection against address spoofing.