Rev 1344 | Rev 1373 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 1344 | Rev 1345 | ||
|---|---|---|---|
| Line 470... | Line 470... | ||
| 470 | Set to '/' to allow all paths. |
470 | Set to '/' to allow all paths. |
| 471 | Set to '(auto)' to automatically detect the path based on the absolute canonical path. |
471 | Set to '(auto)' to automatically detect the path based on the absolute canonical path. |
| 472 | Note: If supported, you can use Apache's "ProxyPassReverseCookiePath" to translate |
472 | Note: If supported, you can use Apache's "ProxyPassReverseCookiePath" to translate |
| 473 | the cookie path in a reverse-proxy setting. |
473 | the cookie path in a reverse-proxy setting. |
| 474 | 474 | ||
| - | 475 | ### XFF_TRUSTED_PROXIES |
|
| - | 476 | ||
| - | 477 | OIDplus::baseConfig()->setValue('XFF_TRUSTED_PROXIES', []); |
|
| - | 478 | ||
| - | 479 | Contains the IP addresses of proxies of which the value |
|
| - | 480 | `HTTP_X_FORWARDED_FOR` is trusted in order to determine the IP address |
|
| - | 481 | of the real web-visitor. Otherwise `REMOTE_ADDR` will be used to |
|
| - | 482 | determine the address of the web-visitor. |
|
| - | 483 | Please note: If you have multiple proxies, then the second-level-proxy |
|
| - | 484 | must trust the third-level-proxy and so on. |
|
| - | 485 | OIDplus only verifies the address of its direct communication partner, |
|
| - | 486 | i.e. the proxy that will identify itself through `REMOTE_ADDR`. |
|
| - | 487 | ||
| 475 | ### RA_PASSWORD_PEPPER |
488 | ### RA_PASSWORD_PEPPER |
| 476 | 489 | ||
| 477 | OIDplus::baseConfig()->setValue('RA_PASSWORD_PEPPER', ''); |
490 | OIDplus::baseConfig()->setValue('RA_PASSWORD_PEPPER', ''); |
| 478 | 491 | ||
| 479 | The pepper is stored inside the base configuration file |
492 | The pepper is stored inside the base configuration file |