Odoo Help

3

How to put an IP address based limit to authentication of users?

By
Ahmet Altinisik
on 2/13/13, 6:21 AM 4,092 views

I would like to put some IP restrictions on login so some users can only connect from their designated workstations. How can I achieve this?

AFAIK there is no such control mechanism in openERP, can I achieve this by moving authentication to the another entity like LDAP or OpenID ?

Regards,

1
Geoff Galik
On 2/24/13, 4:39 AM
Still Can't Post Hyperlinks (*grrrrrrr). Please edit as per inline pseudocode.

You're machine's firewall(s) is where policies are enforced concerning the handling of network packets, including connection specific access restrictions for IP ranges. Setting rules like allowing/denying service based on the source's IP address is, in fact, the purpose of a firewall.

If you're running a Linux-based system you can configure the kernel's firewall with iptables.

[href="help.ubuntu.com/community/Iptables"]HowToUbuntu's guide on iptables.[/href] Even though it's from Ubuntu, this guide should be relevant to any Linux system.

[href="serverfault.com/questions/30026/whitelist-allowed-ips-in-out-using-iptables"]Advice specific to allowing ip's[/href]

[href="serverfault.com/questions/248384/allow-iptables-to-allow-ip-range-only-on-specifc-port"]Advice specific to allowing ip ranges for specific ports.[/href]

[href="wiki.debian.org/iptables"]Debian's guide on iptables[/href]. Also includes links for a few less technical tools.

If you are running a *nix system, you also may be able to accomplish what you're trying to do by adding entries in the 'hosts.allow' and 'hosts.deny' files respectively (if OpenERP supports it); I would still recommend using your firewall (see [href="https://bbs.archlinux.org/viewtopic.php?id=77481"]this link[/href].

I want to add IP restrictions on login so some users can only connect from their designated workstations. So If I put restrictions in firewall level no one will be able to login from that machine.

Altınkaya Elektronik Cihaz Kutuları imalat Ticaret ltd sti, Ahmet Altinisik
on 2/24/13, 5:05 PM

What OS are you running?

Geoff Galik
on 2/24/13, 11:21 PM

sudo apt-get install firestarter && sudo firestarter, then go through wizard. After wizard is done, go to 'Policy' tab and create new.

Geoff Galik
on 2/25/13, 5:54 PM

Geoff firewall cannot solve my problem. I want to limit connection based on users and ip.

Altınkaya Elektronik Cihaz Kutuları imalat Ticaret ltd sti, Ahmet Altinisik
on 2/27/13, 3:18 PM

Set up a reverse proxy. It'll require two levels of authentication but Nginx or Apache should do it: http://serverfault.com/questions/311710/how-to-act-differently-according-to-the-ip-address-with-nginx

Geoff Galik
on 3/1/13, 11:45 PM

http://stackoverflow.com/questions/3828971/apache-authentification-letting-users-from-x-ip-address-in-without-required-pa

Geoff Galik
on 3/1/13, 11:49 PM

About This Community

This platform is for beginners and experts willing to share their Odoo knowledge. It's not a forum to discuss ideas, but a knowledge base of questions and their answers.

Register

Odoo Training Center

Access to our E-learning platform and experience all Odoo Apps through learning videos, exercises and Quizz.

Test it now

Question tools

1 follower(s)

Stats

Asked: 2/13/13, 6:21 AM
Seen: 4092 times
Last updated: 12/18/15, 4:49 AM