KeyShield integration for WebAccess stops working after upgrade to GW18.

  • 7022567
  • 18-Jan-2018
  • 18-Jan-2018

Environment


GroupWise 18

Situation

The system was working fine with this combo but stopped working after upgrade to GW18.

Resolution

Colleagues from the KeyShield shared following information to resolve this issue:

KeyShield diagnostic log with API calls filter shows 127.0.0.1 as originate user's address. Of course, this is the proxy address, not the user's address.

It is necessary to add to the apache configuration

ProxyPreserveHost on

just in front of
ProxyPass ....
ProxyPassReverse ....
section

and to server.xml of GW Tomcat 8 to the host section

<Valve className="org.apache.catalina.valves.RemoteIpValve"
internalProxies="127\.0\.0\.1"
trustedProxies="127\.0\.0\.1"
remoteIpHeader="X-Forwarded-For"
proxiesHeader="x-forwarded-by"
requestAttributesEnabled="true"/>