try adding this method to your session class:
/** Returns the IP address of the client.
* This should return accurate information whether in direct connect
or webserver deployment mode.
* @return The IP address as a string.
*/
public String clientIPAddress() {
Without even looking, I'd guess that ERXRequest.remoteHostAddress()
is looking for an HTTP header REMOTE_ADDR (this is not really an HTTP
header, it's a CGI environment variable, but WebObjects presents it
as a header).
I have under some circumstances that I can't remember found that
some
No one know anything about??
:-(
On 04/feb/09, at 12:49, Amedeo Mantica wrote:
Hi,
To prevent session hijacking i generally use the sender ip
verification ( ERXRequest.remoteHostAddress() ) and works fine for
http requests, but when we ae il SSL mode, WebObjects see all
requests coming f
Hi,
To prevent session hijacking i generally use the sender ip
verification ( ERXRequest.remoteHostAddress() ) and works fine for
http requests, but when we ae il SSL mode, WebObjects see all requests
coming from 127.0.0.1 (and tecnically is right)
Now how to get the real ip address of th
