根据IP地址限制Azure Active Directory应用程序访问 [英] Restrict Azure Active Directory Application Access based on IP addresses

问题描述

我需要限制对Azure Active Directory应用程序的访问.仅允许的子网可以访问Active Directory应用程序.如何在AD应用程序中配置该IP范围，以限制对该应用程序其他子网的访问? 任何帮助将不胜感激.

I need to restrict access to Azure Active Directory Application. Just allowed sub-nets can access Active Directory Application. Where can I configure that IP range in AD application that will restrict access for other sub-nets to that application? Any help will be appreciated.

推荐答案

AFAIK，Azure AD当前无法基于子网地址范围配置应用程序访问规则.如果发布该应用程序的服务器和您的子网位于同一本地网络中，则在该应用程序中，您可以检查访问者的私有IP地址( 内部IP地址)以满足要求，您可以尝试使用HttpRequest对象的UserHostAddress属性从Request Header检索访问者的IP地址:Request.UserHostAddress.

AFAIK , Azure AD can't config your app access rule base on the sub-net address range currently. If the server which app published and your sub-net are in same local network ,in the application , you could check visitor's private ip address( Internal ip address) to meet the requirement, you could try retrieving a visitor's IP address from the Request Headers by using the UserHostAddress property of the HttpRequest object : Request.UserHostAddress .

这篇关于根据IP地址限制Azure Active Directory应用程序访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！