Trusted for Request Forwarding |
If selected, the client is considered to be trusted to forward SOAP requests from other clients. This setting is required to allow intermediary servers, such as HTTP proxy servers or load balancers, to forward SOAP requests and still identify the originating client.
In this case, OneSpan Authentication Server evaluates the X-Forwarded-For (XFF) field of the HTTP header to identify the IP address of the originating client. More than one proxy server may appear in the list, each one verified to be trusted. If any of the servers in the XFF field is not trusted to forward requests, the initial client is considered to be the originating SOAP client, i.e. the proxy server or load balancer directly sending the request to OneSpan Authentication Server.
Note that this option does not work if you are using a load balancer with SSL tunneling. For more information, refer to the OneSpan Authentication Server Performance and Deployment Guide, Section "Load balancing".
|