Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-2777

Crowd SSO can fail when x-forwarded-for contains port number

XMLWordPrintable

    • Icon: Suggestion Suggestion
    • Resolution: Won't Fix
    • None
    • SSO
    • None
    • 1

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      When using a proxy it is possible that the x-forwarded-for will contain the port and more importantly change the port number per connection. This breaks SSO as the newly created port number is different from a sperate connection, thus changing the token.

      You will have entries in log similar to the following which specify the port and not just the IP to be used.

      com.atlassian.crowd.model.authentication.ValidationFactor@6a8768[name=remote_address,value=10.80.47.22]com.atlassian.crowd.model.authentication.ValidationFactor@1dfe824[*name=X-Forwarded-For,value=10.19.73.9:53672*]

            [CWD-2777] Crowd SSO can fail when x-forwarded-for contains port number

            No work has yet been logged on this issue.

              Unassigned Unassigned
              acampbell AndrewA
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: