Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-4860

Disable X-Forwarded-For in IPAuthenticationProvider by default

    XMLWordPrintableJSON

Details

    Description

      Disable X-Forwarded-For header check in IPAuthenticationProvider by default to improve reliability in client IP address detection. 

      X-Forwarded-For is not a standard header, it's not required and not needed unless ZooKeeper is behind a proxy server. Relying on that when detecting client IP address should be the exception, not the standard behaviour. Therefore we should disable it by defult.

      Attachments

        Issue Links

          Activity

            People

              andor Andor Molnar
              andor Andor Molnar
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1h
                  1h