Hi, Well, as far as I can tell, out of the box that URL can be called from anywhere. Thing is that I don’t quite care what would be the means to restrict access to the health check url as long as I don’t have to configure proxies.
Thanks, Andrei > On Aug 21, 2017, at 2:46 PM, Nicolas Peltier <[email protected]> > wrote: > > Hi, > > wouldn't you already have that restriction on an operation level for > all /system/* URIs ? > > Nicolas > > 2017-08-21 13:10 GMT+02:00 Andrei Kalfas <[email protected]>: >> Hi, >> >> I’m reading about sling health checks [1] and I was wondering if there is a >> built in capability to restrict the IPs that are allowed to call the health >> check url exposed by the health check servlet. >> >> More specifically what I would like to achieve: once I’ve configured the >> health check servlet to respond on /system/health I would like to be able to >> restrict which IPs are may call that, given that I would use this to check >> when AEM is up from 2 places, from a script running on the local machine and >> from different load balancers so whitelisting something like >> [127.0.0.1/32,10.0.0.0/16]. >> >> [1] >> https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsling.apache.org%2Fdocumentation%2Fbundles%2Fsling-health-check-tool.html&data=02%7C01%7C%7Cd7896567df8d4a33488c08d4e88a4d53%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C636389128078835407&sdata=FEB%2BMd2ycAIXYvIwqCP3RYCnkMVVXS8eOXS%2Bqu%2FqxTc%3D&reserved=0 >> >> Thank you, >> Andrei >>
smime.p7s
Description: S/MIME cryptographic signature
