Announcement

Collapse
No announcement yet.

Release 6.20.0: Added configuration option to enable IP check if OX runs in insecure mode

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Release 6.20.0: Added configuration option to enable IP check if OX runs in insecure mode

    To make the Login redirect request more secure if OX runs in insecure mode the IP check for that request can be enabled by a separate switch.

    The following option is added to

    /opt/open-xchange/etc/groupware/login.properties:

    # This option has only an effect if com.openexchange.ajax.login.insecure is configured to true.
    # This option allows to enable the IP check for /ajax/login?action=redirect requests. This request is mostly used to create a session
    # without using the OX web UI login screen. The previous behavior allowed to change the IP for this request. Configure this option to false
    # to have an IP check during this request. Additionally you can white list IP addresses from that an IP change is still allowed. This is
    # useful if other systems in the infrastructure around OX want to create the session.
    com.openexchange.ajax.login.redirect.changeIPAllow ed=true
Working...
X