Modifed to define custom HTTP client IP header

skavanagh · skavanagh · commit babeeb027477 · 2015-12-01T05:43:25.000-05:00
Modifed so a custom HTTP client IP header can be defined.
diff --git a/src/main/java/com/keybox/manage/action/LoginAction.java b/src/main/java/com/keybox/manage/action/LoginAction.java
@@ -82,7 +82,11 @@ public String loginSubmit() {
 
         String authToken = AuthDB.login(auth);
 
-        String clientIP = servletRequest.getHeader("X-FORWARDED-FOR");
+        //get client IP
+        String clientIP = null;
+        if (StringUtils.isNotEmpty(AppConfig.getProperty("clientIPHeader"))) {
+            clientIP = servletRequest.getHeader(AppConfig.getProperty("clientIPHeader"));
+        }
         if (StringUtils.isEmpty(clientIP)) {
             clientIP = servletRequest.getRemoteAddr();
         }
diff --git a/src/main/resources/KeyBoxConfig.properties b/src/main/resources/KeyBoxConfig.properties
@@ -36,6 +36,8 @@ authKeysRefreshInterval=120
 passwordComplexityRegEx=((?=.*\\d)(?=.*[A-Z])(?=.*[a-z])(?=.*[!@#$%^&*()+=]).{8\,20})
 #Password complexity error message
 passwordComplexityMsg=Passwords must be 8 to 20 characters\, contain one digit\, one lowercase\, one uppercase\, and one special character
+#HTTP header to identify client IP Address - 'X-FORWARDED-FOR'
+clientIPHeader=
 #specify a external authentication module (ex: ldap-ol, ldap-ad).  Edit the jaas.conf to set connection details
 jaasModule=
 
