Question

5
Replies
733
Views
KonstantinB Member since 2012 6 posts
I.T. Co.
Posted: 2 years ago
Last activity: 1 year 11 months ago
Closed
Solved

Get client IP address in case of failed login

Hello,

I faced an issue with the retrieving information about user IP address in case of failed login. The configuration description and details of issue are described below.
1) The Reverse proxy server configuration is used.( https://community.pega.com/knowledgebase/articles/reverse-proxy-server-… )
2) The custom authentication mechanizm is developed - user login and password are checked with Active Directory using LDAP. The authentication activity is used for this.
3) If user login and password pair is incorrent, the authentication activity puts the error message in param.pyFailMessage. This error message appears on the Login page.
4) In case of failed login, Pega automatically saves new Log-SecurityAudit instance in DB - this instance stores information about user login, user IP address, error message = param.pyFailMessage, etc.

The issue is: if proxy(load balancing) is used, then user IP address(the pyRemoteAddr property) is empty in Log-SecurityAudit item. If user directly(without proxy) connects to Pega, then the user IP address is specified correctly.

So could anybody provide me the answers on the following questions:
1) Why the pyRemoteAddr property is empty in case of failed login through proxy?
2) Which mechanizm is used to save Log-SecurityAudit instance in case of failed login? Is it possible to modify it?
3) Is it possible to NOT save Log-SecurityAudit instance in case of failed login and use param.pyFailMessage at the same time?

***Edited by Moderator: Pallavi to update platform capability tags***

Security Data Integration
Moderation Team has archived post
Share this page LinkedIn