-
Products and Technology
By Category
-
Groups
Activity Groups
Industry Groups
Influence and Feedback Groups
Interest Groups
Location Groups
Customer Only Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
Products
Learning and Support
-
- Products and Technology
- Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
- Explore SAP
-
Products
- Products
- SAP Business Suite
- Artificial Intelligence
- Business applications
- Data and analytics
- Technology Platform
- Financial Management
- Spend Management
- Supply Chain Management
- Human Capital Management
- Customer Experience
- SAP Business Network
- View products A-Z
- View industries
- Try SAP
- Partners
- Services
- Learning and Support
- About
- SAP Community
- Products and Technology
- CRM and Customer Experience
- CRM and CX Q&A
- backoffice login restriction by ip
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
backoffice login restriction by ip
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on ‎2019 Sep 10 8:46 AM
- SAP Managed Tags
- SAP Commerce
How to restrict access right by IP address in backoffice?
Is it possible to prevent admin login by IP in backoffice?
SAP Hybris version is 6.6.
I will be grateful for any help you can provide.
Need more details?
Request clarification before answering.
Accepted Solutions (0)
Answers (2)
Answers (2)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Hyungon,
In a production or pre-production environment, a more sensible approach to take would be to put the backoffice behind an apache server (or potentially other web server) such that it can't be accessed directly. Rules could then be applied on the web server, or at the network layer, so that only certain IP addresses or ranges can access it.
This would mean no custom code is needed, only configuration on other components of the system. Ideally we don't change anything about backoffice for this scenario, so that the other environments such as dev and test, where the IP restrictions might not exist, are consistent with the production environment.
Hope that helps!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi hgkim143 ,
We can add adding a filter or a servlet with in the custom Backoffice extension. I think you can put your custom logic there for checking the admin role or IP address.
You can add this filter or servlet to Backoffice web.xml and Backoffice supports modularity of the web.xml through the web-fragment.xml to fulfill this need.
Summarizing steps below -
- Create a new Backoffice-based extension, e.g. training.
- Add a filter class to the training/src directory not in the training/backoffice/src folder.
- OR, Add a servlet class to the training/src directory.
- Now, add the web-fragment.xml file to the training/resources directory.
- Build and run your platform.
Hope it will solve your problem.
Regards,
Prashant
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Bluesky- ASM Product Categories in Spartacus in CRM and CX Blog Posts by SAP
- Need help on SSO Functionality configuration for ASM in CRM and CX Q&A
- Holiday Readiness – Secure Your Backoffice Before Peak Season in CRM and CX Blog Posts by SAP
- SAP Commerce Cloud Q2 ‘25 Release Highlights in CRM and CX Blog Posts by SAP
- How to Redirect SAP CC Backoffice to Custom Domain in CRM and CX Q&A
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.