Hi Experts,
How would I configure to log inside the authentication.audit.json the true-clientIP/x-forward-for during failed logins? Pls advice.
thanks
Go to Configure → Server Defaults → Advanced, add a new property at the end of the list:
com.sun.identity.authentication.client.ipAddressHeader → X-Forwarded-For (don’t forget to click on the +)
Ensure that your reverse proxy/etc actually sets the header.
You may need to restart AM for it to work, not sure on that one.
2 Likes
Thanks for the response.
Let’s say at the load balancer we set X-Forwarded-For and at openam side, we will declare in a groovy script like following String clientIP= request.header(“X-Forwarded-For”).
Then why would we need to set the below one?
com.sun.identity.authentication.client.ipAddressHeader → X-Forwarded-For