Hi Experts,
This is very unique scenario but I am guessing a lot of you would have faced this issue.
Scenario:
User's browser>CDN> reverse proxy>Load balancer>HTTP server>WAS>Maximo
Above is the flow of user's request to Maximo and the user's login request is registered in Maximo.
Now, Maximo has this functionality to block IP address when there are more than 50 failed attempts from the same IP.
Currently, Maximo is doing this properly but the IP address registered currently is of the load balancer IP. This is causing blocking of login for all the users.
Now, I know if we configure load balancer to set User's actual IP address in the X-forward-for header than Maximo will be able to capture the right ip address in the failed login attempt and block only the IP address where the failed attempt originated from.
Now, my questions are as follows:
1. When there is no X-forward-for header(which is the current setup) then how and where is the IP address of the load balancer captured and sent to Maximo?
2. Can we configure HTTP server or WAS to fetch the IP address from a specific header in the request? CDN is sending the user's IP address in the a header called 'True-Client'IP'. I am still investigating if HTTP server is receiving this header information.
Any inputs will be appreciated!
Thanks in Advance.
------------------------------
Biplab Choudhury
Maximo Consultant
Tata Consultancy Services
Melbourne
------------------------------
#Maximo#AssetandFacilitiesManagement