Applies access control rules to incoming requests based on the peer address.

The interceptor evaluates the configured child rules in order and uses the first rule that matches the peer to decide whether the request is permitted. If no rule matches, access is denied.

Rules can match on IPv4/IPv6 (optionally with CIDR prefix) or on a hostname pattern. Hostname matching requires the peer hostname to be resolved and is performed only when at least one configured rule uses a hostname target.

- accessControl:
     - allow: "10.0.0.0/8"
     - deny: "0.0.0.0/0"

- accessControl:
     - allow: "10.0.0.0/8"
     - deny: "0.0.0.0/0"

Syntax

accessControl:
  - <rules>

accessControl:
  - <rules>

Child Structure

Element	Cardinality	Description
rules	0..*	Configures the ordered list of access rules that will be evaluated for each request.

Can be used in

abort api case chain components for global if interceptor internal otherwise proxy registration request response serviceProxy soapProxy stompProxy time transport wsStompReassembler