New Ranks & Badges For The Community!
Notice something different? The ranks and associated badges have gone "Star Fleet". See what they all mean HERE

Bypass Reverse Proxy Setup / Enable direct login to a Gateway Server

Idea ID 1651026

Bypass Reverse Proxy Setup / Enable direct login to a Gateway Server

When activating the reverse proxy, we are no longer able to login directly to a gateway.

We're using reverse proxies with modsec / web application firewall and IDM in front of our gateway servers.
As soon as we enable the Single Sign on Configuration, we can't login to any gateway directly anymore.
A possibility to login directly to a gateway is necessary for
- debugging the modsec configuration
- testing an single gateway server for functionality
- "emergency" login in case of proxy load balancer errors

As the IPs of the reverse proxies are configured in OMi, it should be possible to get a login mask for all requests from other addresses.

5 Comments
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor

Can you check if you have an infrastructure setting called "Manatory Domain" under the "Single Sign-On - Lightweight (LW-SSO)" category? At least in the CDF version, setting that one to "false" seems to fix similar issues.

Micro Focus Expert
Micro Focus Expert
Status changed to: New Idea

This sounds like a case for support. Did you follow the High Availability configuration settings from the admin guide? It should work, otherwise please work with support.

Cadet 1st Class Cadet 1st Class
Cadet 1st Class

Tried to set the "Manatory Domain" option, didn't make a difference for us.

Guess when Identity Management is set, there is no way to bypass it at the moment. The only workaround is to set the Header manually. This allows us to login as any user (just by setting the header and value). From our point of view the IDM settings should only be applied for the configured reverse proxies. Connections from other IPs should get a "normal" login.

We already opened a call for this (SD02045092), support suggested to open an ER.

Micro Focus Expert
Micro Focus Expert
Status changed to: Waiting for Votes
 
Micro Focus Contributor
Micro Focus Contributor
Status changed to: Archived

Moving this Idea to “Archived” status as it has been open for > 1 year and has not gathered broad customer interest.

NOTE: Archived ideas may be commented upon but cannot receive votes. Archived ideas may be re-opened based on community input.

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.