Symantec Access Management

  • 1.  Custom authentication scheme getting request IP

    Posted May 01, 2018 09:43 PM

    I would like to develop a custom authentication scheme using Java. I would like to know if there is an API available to get the request IP address, as we want to implement the authentication logic based on the request IP.

     

    Thanks.



  • 2.  Re: Custom authentication scheme getting request IP

    Broadcom Employee
    Posted May 02, 2018 10:51 PM

    Hello TC Ip,  

    Can you please elaborate on exactly which type of environment this is for? Is this a specific, well-defined context?

     

    The CA Java SDK and REST programming APIs provide a Policy Management API you can review, but I am not aware that what you're asking is covered.

     

    Anyway, in a generalized case, it seems tricky to get this, as the incoming IP into a system is dependent on the path the request travels. One or more proxies or devices such as load balancers can change the request IP arriving at an authenticating system.

     

    Regards.- Vijay 



  • 3.  Re: Custom authentication scheme getting request IP

    Broadcom Employee
    Posted May 07, 2018 11:17 AM

    The Client IP will be available when using the Single Sign On SDKs. The Web Agent retrieves the ClientIP with every request. If there is a proxy or load balancer in front of the web agent, the agent's CustomIpHeader parameter can be used to ensure the true Client IP is collected. More information about this can be found here:
    Default HTTP Headers Used by the Product - CA Single Sign-On - 12.7 - CA Technologies Documentation 

     

    -Pete



  • 4.  Re: Custom authentication scheme getting request IP

    Posted May 08, 2018 08:21 PM

    Hi Tc,

     

    There isn't any API available to get the client IP during user authentication (in a custom auth scheme).

     

    But what you can probably do is configure your authentication scheme to collect it as an additional attribute.

    You can configure a hidden form field in your login page (which needs to be a server-side script like ASP, JSP, etc.) to populate the client IP (by reading the HTTP_X_FORWARDED_FOR or REMOTE_ADDR header).

    Then read this in the custom auth scheme.

     

    Tech Tip: CA Single Sign-On: Policy Server: How to collect additional attribute using custom authentication

     

    Regards,

    Ujwol
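
The hidden-field approach in the last reply sends the IP through the browser, and X-Forwarded-For is only meaningful when it arrives via your own proxy, so the sketch below (an added example, not code from this thread or from the CA/Broadcom SDK) resolves the address against a trusted-proxy list and goes one step further by HMAC-signing the field so the auth scheme can reject an altered or stale value. The class and method names, the `ip|issuedAtMillis|tag` field format, the proxy addresses and the key are all assumptions made for illustration; it calls no SiteMinder API and assumes the login page and the auth scheme share the key.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.*;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class ClientIpField {
    // Assumption: your own proxy / load balancer addresses (constructed values).
    static final Set<String> TRUSTED_PROXIES = Set.of("10.0.0.5", "10.0.0.6");
    // Use X-Forwarded-For only when the direct peer is our proxy; walk it right to left.
    static String resolveClientIp(String remoteAddr, String xff) {
        if (xff == null || !TRUSTED_PROXIES.contains(remoteAddr)) return remoteAddr;
        String[] hops = xff.split(",");
        for (int i = hops.length - 1; i >= 0; i--) {
            String hop = hops[i].trim();
            if (!hop.isEmpty() && !TRUSTED_PROXIES.contains(hop)) return hop;
        }
        return remoteAddr; // header listed only our own proxies
    }
    static String hmac(byte[] key, String data) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return Base64.getUrlEncoder().encodeToString(mac.doFinal(data.getBytes(StandardCharsets.UTF_8)));
    }
    // Login page side: hidden field value "ip|issuedAtMillis|tag" (hypothetical format).
    static String sign(byte[] key, String ip, long issuedAt) throws Exception {
        String payload = ip + "|" + issuedAt;
        return payload + "|" + hmac(key, payload);
    }
    // Auth scheme side: returns the IP if tag and age check out, otherwise null.
    static String verify(byte[] key, String field, long now, long maxAgeMs) throws Exception {
        int cut = field == null ? -1 : field.lastIndexOf('|');
        if (cut < 0) return null;
        String payload = field.substring(0, cut);
        byte[] expected = hmac(key, payload).getBytes(StandardCharsets.UTF_8);
        byte[] actual = field.substring(cut + 1).getBytes(StandardCharsets.UTF_8);
        String[] parts = payload.split("\\|");
        // Constant-time tag comparison; the timestamp is parsed only after the tag matched.
        if (!MessageDigest.isEqual(expected, actual) || parts.length != 2) return null;
        long age = now - Long.parseLong(parts[1]);
        return (age >= 0 && age <= maxAgeMs) ? parts[0] : null;
    }

    public static void main(String[] args) throws Exception {
        byte[] key = "constructed-demo-key".getBytes(StandardCharsets.UTF_8);
        // Constructed request: peer is our proxy, header carries a client-supplied first hop.
        String ip = resolveClientIp("10.0.0.5", "198.51.100.7, 203.0.113.9, 10.0.0.6");
        String field = sign(key, ip, 1_000L);
        System.out.println(ip + " -> " + verify(key, field, 2_000L, 60_000L));
        // Same field with the address edited in the browser: verification fails.
        System.out.println(verify(key, field.replace("203.0.113.9", "192.0.2.1"), 2_000L, 60_000L));
    }
}
```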