The IP User filter can populate the X-PP-User header (useful for Rate Limiting) using the client's IP address in the request. The filter can also populate the X-PP-Groups header as defined in configuration. Prior to Repose 8, this filter did not support using the X-Forwarded-For header in the request (see IP Identity filter instead). Starting in Repose 8, this filter will correctly use the first value (i.e. the client's IP address) in the X-Forwarded-For header when it is present in the request.
General filter information
Filter name: ip-user
Filter configuration: ip-user.cfg.xml
Headers: The IP User filter has no required request headers.
Preceding filters: The IP User filter has no required preceding filters.
The ip-user.cfg.xml file contains the following elements and attributes. Add the filter to your Repose deployment through the system model configuration.
|<ip-user>||-||Required||Specifies the sub-elements and attributes to define your IP User configuration.|
Specifies the header name and quality for the User information (i.e. IP Address).
NOTE: If present, then it must be the first element.
|name||Optional||Specifies the header name. Default: X-PP-User.|
|quality||Optional||Specifies the quality to associate with the User information. Default: 0.4|
Specifies the header name and quality for the Group information (i.e. IP Address).
NOTE: If present, then it must be the element directly before the first group element.
|name||Optional||Specifies the header name. Default: X-PP-Groups.|
|quality||Optional||Specifies the quality to associate with the Group information. Default: 0.4|
|<group>||-||Required||A group of Classless Inter-Domain Routing (CIDR) addresses.|
|name||Required||The group name associated with these addresses.|
|<cidr-ip>||-||Required||A CIDR formatted address used for matching.|
The order of the group elements determines the order in which they are tested. Only the first group that has a CIDR match will be added to the specified group header.
Return codes and conditions
This filter does not return specific response codes. The request will simply pass through to the next filter or to the origin service.
- X-PP-User will be set to the source IP. The name of the header can be specified in config.
- X-PP-Groups will have the value of the first group's name with a matching Classless Inter-Domain Routing (CIDR) address. If none match, the header will not be added. The name of the header can be specified in config.