Hi,
Trying to publish a somewhat convoluted Apache Tomcat application via WAF and getting the following clickjack protection error:
HTTP Status 500 - None of SP's internal[https://internal.domain.com:8100/dispatcher] and external address[[https://external.domain.com:8100/dispatcher]] haven't been found in value of the "x-forwarded-for" header [99.99.99.99]
Is there any way of explicitly setting the x-forwarded-for header to work around this protection? Pass Host Header setting makes no difference.
At the moment, I am browsing to external.domain.com/dispatcher - I am letting WAF do the http/https and 443/8100 redirects. My end objective is also to use request redirection for the /dispatcher directory after I get the basics working (hopefully).
Not using any security or reverse auth profiles yet.
This thread was automatically locked due to age.