Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-2777

Crowd SSO can fail when x-forwarded-for contains port number

    XMLWordPrintable

Details

    • Suggestion
    • Resolution: Won't Fix
    • None
    • SSO
    • None
    • 1

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      When using a proxy it is possible that the x-forwarded-for will contain the port and more importantly change the port number per connection. This breaks SSO as the newly created port number is different from a sperate connection, thus changing the token.

      You will have entries in log similar to the following which specify the port and not just the IP to be used.

      com.atlassian.crowd.model.authentication.ValidationFactor@6a8768[name=remote_address,value=10.80.47.22]com.atlassian.crowd.model.authentication.ValidationFactor@1dfe824[*name=X-Forwarded-For,value=10.19.73.9:53672*]

      Attachments

        Activity

          People

            Unassigned Unassigned
            acampbell AndrewA
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: