How can I access the x-forwarded data from the web login?
Need to access the x-forwarded data from load balancer to obtain original requesting IP address? How can I get this data?
Accepted Solution
Updated: 14 Dec 2015 11:08 EST
Pegasystems Inc.
US
Michael,
You can grab the header in your Code-Security login activity as defined in your Data-Admin-AuthService.
Use a property set step where the properties value is:
@java("((javax.servlet.http.HttpServletRequest)tools.getRequestor().getRequestorPage().getObject(\"pxHTTPServletRequest\")).getHeader(\"x-forwarded\")")
If you want to output to the logfile all the HTTP headers you are getting in the incoming request for debug purposes use the following in a Java step:
javax.servlet.http.HttpServletRequest request =
(javax.servlet.http.HttpServletRequest)tools.getRequestor().getRequestorPage().getObject("pxHTTPServletRequest");
//debug
java.util.Enumeration e = request.getHeaderNames();
String header = null;
while (e.hasMoreElements()) {
header = (String) e.nextElement();
oLog.infoForced(header + ": " + request.getHeader(header));
}
Remember to comment this JAVA step or comment the debug code after you are done with it.
--Chris
Pegasystems Inc.
US
What is your PRPC version? I see we only honor the XFF headers since 7.1.9+. pxReqContextURI property should have what you are looking for.
Wells Fargo
US
Thanks Kevin!
Unfortunately, were on 6.2 sp1 and our 7.1.9 implmentation will not happen until 3rd quarter next year.
I'll talk to our load balancer folks and see if they can parse out the needed data and send it as parameters on the redirect...
Pegasystems Inc.
US
Michael,
Are you using custom authentication? A PRCustom SSO Servlet?
If so you can grab any HTTP Headers, including X-Forwarded headers, during the login.
Wells Fargo
US
Currently using PRWebLDAP1, but was thinking of creating a seprate servlet for the load balancer requests. I could then parse out any xff data and pass whatever needed parameters on the PRWebLDAP1 redirect...
Accepted Solution
Updated: 14 Dec 2015 11:08 EST
Pegasystems Inc.
US
Michael,
You can grab the header in your Code-Security login activity as defined in your Data-Admin-AuthService.
Use a property set step where the properties value is:
@java("((javax.servlet.http.HttpServletRequest)tools.getRequestor().getRequestorPage().getObject(\"pxHTTPServletRequest\")).getHeader(\"x-forwarded\")")
If you want to output to the logfile all the HTTP headers you are getting in the incoming request for debug purposes use the following in a Java step:
javax.servlet.http.HttpServletRequest request =
(javax.servlet.http.HttpServletRequest)tools.getRequestor().getRequestorPage().getObject("pxHTTPServletRequest");
//debug
java.util.Enumeration e = request.getHeaderNames();
String header = null;
while (e.hasMoreElements()) {
header = (String) e.nextElement();
oLog.infoForced(header + ": " + request.getHeader(header));
}
Remember to comment this JAVA step or comment the debug code after you are done with it.
--Chris