ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Is there a way to configure the SPS to let pass the client IP to the backend application?

book

Article ID: 18143

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description:

If you are using the Secure Proxy Server, you may have a need for your back end application to know the client IP address to do some specific actions.

Solution:

It is not currently possible out of the box.

There are 3 different possible options:

  1. Have a load balancer in front of the SPS to set an X_FORWARDED_FOR header (containing the the client IP address) before it passed through the SPS server.

  2. Write a custom filter that would write a custom header like client_IP that would contain the original client header. This would need an extra development and would impact the apache reverse proxy module inside SPS. This is a custom solution that involve CA Services.

  3. Open an Enhancement Request through the Communities idea wall web site to have this functionality in as future release of the product.

Environment

Release:
Component: SMSPS