ALLOW_FROM
The ALLOW_FROM
element specifies rules for access to GAS applications or
services from specific hosts.
Syntax
<ALLOW_FROM>["NOBODY"|"ALL"|ip-address]</ALLOW_FROM>
- The ip-address is a valid IPv4 or IPv6 address. For IPv4 it
can be a complete IP address or a network address (ending with a
dot). Access can also
either be globally denied or allowed by the following keywords:
NOBODY
ALL
Usage
You use this element to specify the specific hosts who have access to your GAS applications or
services. An example is shown using the default resource res.access.control
. For
more examples see Access
Control.
Example default usage
<ALLOW_FROM>$(res.access.control)</ALLOW_FROM>
The resource
res.access.control
is defined with the value NOBODY
by default.
The default GAS deployment for demo applications and MONITOR references this resource. Note: Access control rules will be
ignored by the standalone dispatcher (httpdispatch).
Important: The standalone GAS is for development
only, provided to simplify your development setup and configuration. For deployment and production
systems, you must include a Web server.
How access control rules are applied
If more than one
ALLOW_FROM
element is specified, the following describes the
order rules are applied:NOBODY
always gets the highest priority regardless of other rules, which means that nobody gets access.ALL
gets priority over specific IP addresses when the keywordNOBODY
is not provided, which means that access is allowed to all.- If neither the keyword
NOBODY
norALL
is provided, the remaining access control rules are applied.
Parent elements
This element is a child of the following: