Konstantin Bolyandra (KonstantinB)
I.T. Co.
System Architect
Posted: 10 Oct 2018 8:12 EDT
Last activity: 6 Nov 2018 1:50 EST
Closed
Solved

Get client IP address in case of failed login

Hello,


I faced an issue with retrieving information about the user IP address in case of failed login. The configuration description and details of the issue are described below.

1) The reverse proxy server configuration is used (https://community.pega.com/knowledgebase/articles/reverse-proxy-server-configuration).

2) A custom authentication mechanism is developed - the user login and password are checked with Active Directory using LDAP. The authentication activity is used for this.

3) If the user login and password pair is incorrect, the authentication activity puts the error message in param.pyFailMessage. This error message appears on the Login page.

4) In case of failed login, Pega automatically saves a new Log-SecurityAudit instance in the DB - this instance stores information about the user login, user IP address, error message = param.pyFailMessage, etc.


The issue is: if a proxy (load balancing) is used, then the user IP address (the pyRemoteAddr property) is empty in the Log-SecurityAudit item. If the user connects to Pega directly (without a proxy), then the user IP address is specified correctly.


So could anybody provide answers to the following questions:

1) Why is the pyRemoteAddr property empty in case of failed login through a proxy?

2) Which mechanism is used to save the Log-SecurityAudit instance in case of failed login? Is it possible to modify it?

3) Is it possible to NOT save the Log-SecurityAudit instance in case of failed login and use param.pyFailMessage at the same time?


***Edited by Moderator: Pallavi to update platform capability tags***

Security Data Integration