June 8, 2020 at 3:17 pm #28008udbollaParticipant
we do have a requirement to do some operations in JWT token attributes based on where the request is coming from (App basis).
I have used getHostname function like below
William Hepler (ForgeRock Support)
May 27, 2020, 9:16:20 PM GMT+1
We were able to test using the following format:
logger.warning(“**** session attribute ” + session.getHostName() + ” ****”);
This would return
WARNING: OpenAMScopeValidator.getUserInfo(): Got an empty result for claim=locale
OAuth2Provider:05/27/2020 02:05:52:317 PM MDT: Thread[ScriptEvaluator-0,5,main]: TransactionId[856bd7ef-d577-41f3-a8e4-e0561445f56c-6321]
WARNING: **** session attribute 192.168.122.1 ****
It is giving an IP address, how can i obtain where the request is coming from like https://xyz.com.
UmaJune 8, 2020 at 5:49 pm #28010Jatinder SinghParticipant
If you want to find client’s IP address/host, one of the options is to use
X-Forwarded-forheaders. And if you want to rely on
X-Forwarded-forheaders for your authentication/authorization, you need to do your due-diligence and make the effort to ensure it’s the real client ip address and not a spoofed one. Essentially you want your proxy to reach into a request > find the actual ip/host and set those values in the
Hope this helps!June 8, 2020 at 6:15 pm #28011Jatinder SinghParticipant
I forgot to mention the second part. Once you have those headers set by your proxy, you can access them through a request object like below.
request.getRequest().getHeaders() // request is of type OAuth2Request
You must be logged in to reply to this topic.