ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

X-Forwarded-For setting for Advanced Authentication


Article ID: 207913


Updated On:


CA Advanced Authentication - Strong Authentication (AuthMinder / WebFort)


We are seeing the IP address of the Load Balancer in the Risk Evaluation process and wondering how can we capture the End user IP address?


Release : 8.2.02 and 9.1

Component : AuthMinder(Arcot WebFort)

RiskMinder( Arcot Riskfort)


In later versions of Advanced Authentication product, We by default disabled the X-Forwarded-For header, in ARCOT_HOME/conf/afm/arcotafm.proprties file please check this-

# ==========================================================================
# X-FORWARDED-FOR functionality parameters
# ==========================================================================

To capture the end user IP address make the value as 'true' and once that is done, it will take the application server restart for making this change to come into effect.

Additional Information