use_real_client_ip

Activate the use of the real client IP address for authorization decisions.

use_real_client_ip = {true | false}

Description

Determines whether to activate the current, or real, client IP address. Specify this entry under the [rtss-eas] stanza.

If the client_ip = client_ip entry exists in the [azn-decision-info] stanza, then the current client IP address is activated in the AZN_CRED_NETWORK_ADDRESS_STR credential.

In IBM Security Access Manager for Web version 7.0, the value of AZN_CRED_NETWORK_ADDRESS_STR contained the client IP address when the user first authenticated and the credential was built. If the IP address changed during the session, the value was not updated. To use this type of client IP address, we have two options:

Options

Usage:

This stanza entry is not required.

This stanza entry applies to Advanced Access Control.

Default value

true

Example:

use_real_client_ip = false

Parent topic: [rtss-eas] stanza