Hi,
Requirement: If user access from Outside office network then TwoFactorAuthentication for SSO and if user access from Inside office then only kerberos authentication.
So we have written Java script under SSO/OTPADMIN ( SAP SSO 3.0, NW Java) with IP ranges.
I am able to find IP if user is access from outside as we maintained wdisp/add_xforwardedfor_header= true for external DMZ WD only.
-----------------------------------------------------------------------------
I dont want to maintain wdisp/add_xforwardedfor_header= true
And I want to write IF statement in icm_mod_<SID>.txt in Internal WD.
If user access from inside office then X-forwarded-for will be empty. I will manipulate HTTP header with actual IP of Internal W . for ex. IP = 10.8.10.78
1. I maintained WD profile in Internal WD
icm/HTTP/mod_0 = PREFIX=/,FILE=/sapmnt/<SID>/global/security/data/icm_mod_<SID>.txt
2. content of icm_mod_<SID>.txt
if %{HEADER:x-forwarded-for} regimatch null
SetHeader x-forwarded-for 10.8.10.78
IS ABOVE syntax correct ? As i dont find exact syntax for x-forwarded-for in below SAP documents.
references used:
