Why does the Policy Server print the message "Invalid session ip" in an isAuthorized call?
The Authorization process validates the session data from the SessionSpec, which contains the Client IP. The Policy Server always compares the Client IP from the SessionSpec with the one given by Attribute 208.
In the Web Agent, this IP validation can be overridden by setting the ACO parameter TransientIPCheck="NO".
In SDK code, pass the Client IP prefixed with "*" (for example, "*127.0.0.1") in the function call to get the same result.