Loading...

XML

Word

Printable

Details

Type: Suggestion
Resolution: Fixed
Fix Version/s: 1.4.1, 1.5
Component/s: None
Labels:
None

Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

Description

Crowd should allow the definition of proxy servers whose X-Forwarded-For: it will trust.

Original customer description:

Our company policy is to run our Tomcat containers behind a Apache proxy. This proxy then forwards the requests to the Tomcat servers. In the case of Crowd it leads to an undesired situation. Crowd thinks the application authentication request comes from 127.0.0.1 instead of the external ip address of the application.
In Crowd therefore I cannot validate an application on it's ip address. Which might result in security hazards.
Is their another way to determine the original client ip-address instead of the proxy's ip-address?

Attachments

Issue Links

is related to

CWD-1017 Add toggle to turn off checking of remote-ip in Validation Factors

Closed

Activity

People

Assignee:: Justen Stepka [Atlassian]

Reporter:: Deleted Account (Inactive)

Votes:: 1 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 21/Sep/2007 10:27 AM

Updated:: 19/Sep/2019 5:51 AM

Resolved:: 22/May/2008 3:23 AM

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

10h