D
dduser1
Guest
In OA SDK embedded server implementation DAM_INFO_CLIENT_ADDRESS reads the local IP address and does not provide access to the public IP address of the client. This limitation does not allow to implement effective authorization based on client IP address (local IP address can be changed easily). Currently I am not aware of any feasible workaround. In our client-server environment the IP restrictions are configured per customer. Customer's credentials are available only on application layer after OA SDK server accepts the request. Without the credentials the IP address from TCP/IP stream by it self cannot be used to apply the IP restrictions outside the application. This enhancement originated from Case 00263564.
Continue reading...
Continue reading...