User IP in SSO API call
We are currently trying to resolve the 'IP Comparison Failed' error when administrators log in via SSO. We use the Java SSO API. We have spoken to Lithium support about it, and this was the respo...
Forum Discussion
Hi Nathan,
There are a few of different ways to go about this:
- There is a writeLithiumCookie method that accepts an HttpServletRequest as a parameter. If you use this method, the IP address is pulled from the request object passed in.
- Similarly for the getLithiumCookie method if you're setting the cookie manually.
- There is a getLithiumCookieValue method that allows you to pass in the ip address directly as a String via the reqRemoteAddr parameter.
Regards,
Adam
Thanks Adam - I had to raise this issue with support in the end as I needed a response.
We solved it by specifying the user's IP address as the reqRemoteAddr in the settings hashmap (option 3).
Otherwise, it was picking up the IP address as 127.0.0.1 - possibly because of the network configuration.
Although there is some information about the additional settings in the SSO documentation, it doesn't really explain how the API determines the IP address for the user or the significance of that in terms of the security checks that the Lithium community site performs. I get the impression that quite a few other people have had difficulties with issue, so it might be worth making it a bit clearer.
