Uploaded image for project: 'CAS Server'
  1. CAS-1249

IP Address Login Interceptors should be able to read IP Address from configured header

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.5.0, 3.5.1
    • Fix Version/s: 4.0
    • Component/s: Authentication
    • Labels:
      None

      Description

      If CAS is deployed behind a typical HTTP Load Balancer the value of request.getRemoteAddr() often returns the value of the Load Balancer instead of the actual client IP address. This makes the IP Address Login interceptors not function correctly. However, most Load Balancer return the actual client IP in a HTTP header such as X-Forwarded-For. If the IP Address Login Interceptors could read that header instead of getRemoteAddr() the issue would be solved. I'm creating a pull request with a proposed fix for this issue.

        Attachments

          Activity

            People

            • Assignee:
              battags ScottS
              Reporter:
              edomazlicky Eric Domazlicky
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: