Add the ability to the cloud infrastructure to block or allow specific IPs on an OutSystems cloud environment like the service aws is offering. See this link https://aws.amazon.com/premiumsupport/knowledge-center/ec2-block-or-allow-ips/ for more information.
We now have to resort to building a custom ip filter, based on HTTPRequestHandler_API getip
Which requires to build it into every application.
Goal is to achieve a similar solution for reactive web and mobile applications as what is available for traditional web. See Restrict Access to an Internal Network.
There is a forge component available as a workaround https://www.outsystems.com/forge/component-overview/10983/clientipverifier. To apply the protection to the full application, the component should be used at the Layout Level and
We should protect all Screen Aggregates with one additional filter "IsClientIPAllowed()".
We should protect all Data Actions calling the "IsClientIPAllowed" action and only returning data if this action returns true.
We should protect the login screen by calling the "IsClientIPAllowed" action and only allow the login if this action returns true.
For a large factory this is a big overhead and not easy to retrofit.