Mobile Application Protection Filter


Introduction

The Mobile Application Protection Filter enables the API Gateway server to disable access for certain mobile application versions on a set of mobile devices. The filter ensures that all users are using the latest versions of the applications and taking advantage of the latest security and functional updates.

Prerequisite

Mobile devices and mobile applications have to be registered in API Gateway before the mobile filter is configured.

Mobile Application Specific Filter

If the native services are equipped to support the "Gmail" mobile application at version 3.0 and above, the API Gateway mobile filter can be configured to restrict incoming requests from any mobile device running a "Gmail" application version lower than 3.0.

Mobile Device Specific Filter

If the native services are equipped to support the "Gmap" mobile application at version 3.0 and above and only from Samsung mobiles, then the API Gateway mobile filter can be configured to restrict incoming traffic from mobile devices other than Samsung having a "Gmap" application version lower than 3.0.

Order of Filter Check

Mobile application filters check requests for application name, application version, and the type of device from which the request was sent.

UI Configurations

  • Navigate to Policies -> Mobile devices and apps.
  • Provide the list of mobile device types and mobile application details.
  • Navigate to Policies -> Rules -> Create rule.
  • Provide a value for Rule name and expand 'Mobile application protection filter'.
  • Toggle the Enable switch, select the device type, mobile application and condition, and provide the mobile app version details.
  • Click the [ + ] button to add the filter and click 'Save'.
  • The mobile application protection filter rule is created successfully.

Workflow

1. External clients send requests to webMethods API Gateway Server from a specific mobile device.

2. The request must provide the device type, application name, and application version in the request header in the following header fields:

    • Mobile-Device-Type
    • Mobile-Application-Name
    • Mobile-Application-Version

3. webMethods API Gateway Server collects this client information from the request and evaluates the request against configured rules. A request violates a rule only when the request matches the condition specified in the filter.

  a) If a request includes a device type or application name that is not configured in a mobile application protection filter, webMethods API Gateway Server will allow the request.

  b) If a request specifies a version in an invalid format, the server will allow the request.

4. Based on the evaluation, API Gateway Server either denies the request or allows the request to the Internal Server.

5. The Internal Server processes the requests and sends responses to webMethods API Gateway Server.

6. webMethods API Gateway Server then passes the responses back to the client.
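The evaluation in steps 2 to 4, modelled as an added Python example (not webMethods code), showing which requests the allow cases 3a and 3b let through. The MobileFilter class, the operator set, the dotted-integer version format, exact-match comparison of names and the sample rule are assumptions made for illustration.

```python
import operator
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class MobileFilter:          # hypothetical model of one filter row, not a product API
    device_type: str
    app_name: str
    condition: str           # assumed operator set, see OPS
    version: str

OPS = {"<": operator.lt, "<=": operator.le, ">": operator.gt,
       ">=": operator.ge, "=": operator.eq, "!=": operator.ne}
VERSION_RE = re.compile(r"\d+(\.\d+)*")  # assumed valid format: dotted integers

def parse_version(text):
    """Return the version as a tuple of ints, or None when the format is invalid."""
    if text is None or not VERSION_RE.fullmatch(text.strip()):
        return None
    return tuple(int(part) for part in text.strip().split("."))

def evaluate(headers, filters):
    """Return "DENY" when the request matches a filter condition, else "ALLOW"."""
    h = {name.lower(): value for name, value in headers.items()}
    device = h.get("mobile-device-type")
    app = h.get("mobile-application-name")
    sent = parse_version(h.get("mobile-application-version"))
    for f in filters:
        # Step 3a: device type or application name not configured -> no match.
        # A missing header is treated the same way (assumption).
        if device != f.device_type or app != f.app_name:
            continue
        limit = parse_version(f.version)
        # Step 3b: invalid version format -> the request is allowed.
        if sent is None or limit is None:
            continue
        width = max(len(sent), len(limit))
        a = sent + (0,) * (width - len(sent))    # pad so "3" compares equal to "3.0"
        b = limit + (0,) * (width - len(limit))
        if OPS[f.condition](a, b):
            return "DENY"
    return "ALLOW"

# Constructed sample rule: block "Gmail" below 3.0 on Samsung devices.
FILTERS = [MobileFilter("Samsung", "Gmail", "<", "3.0")]

def request(device, app, version):
    """Build the three headers from step 2 of the workflow."""
    return {"Mobile-Device-Type": device, "Mobile-Application-Name": app,
            "Mobile-Application-Version": version}
```

Cases 3a and 3b both resolve to allow, so the filter behaves as a denylist for known outdated clients; the native service should not treat a request that passed the filter as proof of a supported client version.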

Runtime

The below request displays the error message configured for the rule.