Bug 7466 - Incorrect client address when using reverse proxy
Summary: Incorrect client address when using reverse proxy
Status: NEW
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Web Access (show other bugs)
Version: trunk
Hardware: PC Unknown
: P2 Normal
Target Milestone: LowPrio
Assignee: Bugzilla mail exporter
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-01-22 11:12 CET by Pierre Ossman
Modified: 2024-07-30 13:15 CEST (History)
0 users

See Also:
Acceptance Criteria:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Pierre Ossman cendio 2020-01-22 11:12:28 CET 
Putting a reverse proxy in front of Web Access means that the IP address it will see is that of the proxy, not that of the actual client. This also means that any address given to PAM etc. will not be terribly useful.

A well behaved proxy will set up X-Forwarded-For or X-Real-IP with the proper address of the client. However there is no authentication of this information so Web Access doesn't know if it should trust it or not. Some manual configuration will be needed to set up this trust.
Note You need to log in before you can comment on or make changes to this bug.