#dominoforever | Product Ideas Portal

 

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

How to get the value of X-Forwarded-For in the "Remote_Addr" field?

Load balancer has a setting such as "enable / disable" for X-Forwarded-For.

If one can't get the value of X-Forwarded-For in the "Remote_Addr" field, is there another way to get the value of X-Forwarded-For?

Can it be achieved through scripting or any other settings.

  • Guest
  • Nov 24 2020
  • Needs review
  • Attach files
  • Guest commented
    24 Nov, 2020 01:54pm

    where exactly do you need it? this is marked Domino Designer/Lotus Script. I am confused. Can you describe where you need it to be available exactly?

    There is a way to configure Domino to write it into domlog.nsf

    Not sure form which side you are comping from. But for domlog.nsf the two following parameters are relevant:

    [ Daniel Nashed / HCL Lifetime Ambassador]

    notes.ini

    HTTP_LOG_ACCESS_XFORWARDED_FOR=1

    This settings does write the X-FORWARDED-FOR header into a field "ForwaredFor" in domlog.nsf.

    The Domino log output still shows the connecting IP address. So we need to find get the IP address from the domlog.nsf document.

    In addition log documents contain a 200 return code when session based authentication is used.

    There is a specific setting to change the 200 return code into a 401 return code.

    notes.ini

    DOMINO_FORCE401_WITH_HTML_LOGIN_PAGE=1

    Having a periodic agent check the log would be very ineffective (run-time, trigger can't be less than 5 minutes and the documents need to be stored in the domlog.nsf).