Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Low
Fix Version/s: None
Affects Version/s: 2.8, 2.9.1, 3.0.0
Component/s: None
Labels:
- crowd-triage-dev

Support reference count:
4
Symptom Severity:
Severity 3 - Minor
UIS:
1

When using IIS as a reverse proxy (using Application Request Routing -ARR), the X-Forwarded-For header added by IIS might contain an IP:

X-Forwarded-For: 192.168.59.50:55510

The IP might differ for each request. This is not currently parsed correctly when checking the Crowd SSO token, causing a request handled on a different port to be treated as a request using a different host. The effects may vary, but usually this will make users unable to use the Crowd console or login.

Workaround is currently to disable "Require consistent client IP address" in the "Session Configuration" menu

relates to

CWD-4472 Windows 2012 R2 Throws IPv6 Exception when using IPv4

Long Term Backlog

is cloned by: KRAK-2584 Loading...

Assignee:: Unassigned
Reporter:: Lukasz Pater
Votes:: 1 Vote for this issue
Watchers:: 4 Start watching this issue

Created:: 04/Aug/2017 9:21 AM
Updated:: 18/Feb/2024 2:24 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates