Protect sub-application paths

This page describes two cases of protecting an application with Frontend Path /app/.

The path /app/sub/ belongs to another application

If the path /app/sub/ belongs to another application, that is, points to another backend server, simply add another application pattern (for example, a Web Application) and set Frontend Path to /app/sub/.

When a request comes in, nevisProxy first determines the most specific servlet, and then calculates the filter chain.

For filters with a known purpose (for example, authentication), nevisAdmin 4 automatically generates the required exclude-url-regex for filters mapped to /app/, thus avoiding that they are applied to /app/sub/ as well.

Filtering inheritance may break the application isolation, and therefore nevisAdmin 4 ensures that filters are excluded for sub-paths belonging to other applications whenever possible.

The path /app/sub/ is sensitive, and should not be accessible

Assign an Access Restriction pattern to the application using Additional Settings.

Configure it to block all IP addresses, and set the property Apply only to sub-paths to sub/.

Protect sub-application paths

The path /app/sub/ belongs to another application​

The path /app/sub/ is sensitive, and should not be accessible​

The path /app/sub/ belongs to another application

The path /app/sub/ is sensitive, and should not be accessible