HttpContext.Current.Request.UserHostAddress issue

[Kevin Yu]

hi all

This problem is odd. in a web service, I try to get the client's IP address
from the HttpContext object, but it seems to fail to get the proper IP, now
in this development environment, we are working on the client site, I don't
really have a clear understanding of their network layout, but it is
possible that their are using a proxy server to do all Http requset thus the
IP in the context is the proxy server IP, any inside?


Kevin

 

[Karl Seguin]

yes..very possible/likely...ASP.Net can only show what's available in the
HTTPHeaders....so proxies/routers can certainly effect this and many other
fields..

Karl

--
MY ASP.Net tutorials
http://www.openmymind.net/ - New and Improved (yes, the popup is
annoying)
http://www.openmymind.net/faq.aspx - unofficial newsgroup FAQ (more to
come!)

 

[Kevin Yu]

what happened is all web app use a sign on portal which authenticate user
then redirect them to the appropriate application and the login portal is
hosted on the web farm, I guess that's what cause the problem.

I guess there is no way I can get the proper IP in this kind of setup.

 

[WJ]

I guess there is no way I can get the proper IP in this kind of setup.

Absolutely not ! This also will make life a little bit harder for hackers.
They can still get to the real meat, but it will be harder.

John

 

[Kevin Yu]

Absolutely not ! This also will make life a little bit harder for hackers.
They can still get to the real meat, but it will be harder.

How in .NET? I mean the HttpContext doesn't even contain the source IP (I
guess it's the proxy IP)

 

[WJ]

How in .NET? I mean the HttpContext doesn't even contain the source IP (I
guess it's the proxy IP)

Asp.net will return the Proxy IP, not the original IP. If your server
exposes directly to outside without middle man then yes, you can see my true
IP. Otherwise, the packet is intercepted at the DMZ and all you see is your
company agent. I am not a network expert, but I think, they may be able to
arrange some kinds of special exception for your application ? You may ask
your network technician to see if this can be done.

John

 

[Joerg Jooss]

Asp.net will return the Proxy IP, not the original IP. If your server
exposes directly to outside without middle man then yes, you can see
my true IP. Otherwise, the packet is intercepted at the DMZ and all
you see is your company agent. I am not a network expert, but I
think, they may be able to arrange some kinds of special exception
for your application ? You may ask your network technician to see if
this can be done.

Don't forget that proxies may a X-Forwarded-For or similar header
contains the original IP.

Cheers,

 

[Kevin Yu]

Asp.net will return the Proxy IP, not the original IP. If your server
exposes directly to outside without middle man then yes, you can see my true
IP. Otherwise, the packet is intercepted at the DMZ and all you see is your
company agent.

so that's what happen, I checked the network environment documentation. they
do have a
DMZ setup here. so I guess it's almost impossible to get correct source IP
then. it's their
security measure, we as developer need to follow the rules/regulations.


I am not a network expert, but I think, they may be able to

arrange some kinds of special exception for your application ? You may ask
your network technician to see if this can be done.

I don't think it's up to the network technician to decide that, it's all
politic here.