Try OpenEdge Now
skip to main content
Server Administrator's Guide
Business Process Server web security : XSRF handler implementation : XSRF configuration : Remote address check
Remote address check
If enable-user-remote-address-check is set to true, then Business Process Portal stores the user's remote address in that user's session. As long as the user session is valid, it expects that all the further requests from that user should come from the same remote address. It checks against each request to see if the request is coming from the same remote address, if not it treats the request as invalid and redirects the user to the url configured for redirect-url-on-attack.
The default value is false.