Am 22.06.2006 um 15:39 schrieb Tres Seaver:
The sequence which creates a user object is defined in the
PAS.validate
method:
...
Very good documentation snipped
I followed this path and found the culprit.
The cookie_auth_helper extends the credentials with the remote_addr
only if it fou
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Janko Hauser wrote:
>
> Am 22.06.2006 um 13:48 schrieb Zachery Bir:
>
>> Woops. Like I said, too long since I played in it. It runs
>> request.getClientAddr(), which does take HTTP_X_FORWARDED_FOR, but
>> only if the default REMOTE_ADDR is in an attr
