When app sends authorization request, it is actually sent by the PEP package to the platform authorization api. The PEP package does not include the x-forwarded-for header in the api request sent to the platform authorization api. Therefore the iaddress received in the authorization component is the ipaddress of the app cluster. But we need the ipaddress of the app client.
To acheive this,
we need to make sure app component, receives the client ipaddress
add x-forwarded-for header with the client ip in the api request sent to the authorization component.
Steps To Reproduce
Instantiate/open an existing instance
edit a field
Go to the auditlog database and query authz.eventlog
Ipaddress of the app cluster is logged in the ipaddress column
Expected : Ipaddress of the app client is logged in the ipaddress column
Description of the bug
When app sends authorization request, it is actually sent by the PEP package to the platform authorization api. The PEP package does not include the x-forwarded-for header in the api request sent to the platform authorization api. Therefore the iaddress received in the authorization component is the ipaddress of the app cluster. But we need the ipaddress of the app client. To acheive this,
Steps To Reproduce
Expected : Ipaddress of the app client is logged in the ipaddress column
Additional Information
No response