Bogus X-Ms-Forwarded-Client-Ip in Exchange Online WS-Trust app RRS feed

  • Question

  • Hi,

    We're developing an application that implements WS-Trust for Exchange Online. One part of this does Client IP filtering based off X-Ms-Forwarded-Client-Ip. However, in some cases, instead of an IP we see a like "AGZvb0BiYXIuY29tAHN5c3RlbQ==" (base64 encoded "\x00<email>\x00<password>". Has anyone seen this before and knows where this odd header comes from?

    Wednesday, October 7, 2015 1:10 AM

All replies

  • Hi,

    I don't have an answer but I just ran across the same issue in the last few days.  I have a webapp (not my code) that is experiencing this issue as well. I have some issuance authorization rules in my AD FS instance that deny on an incorrect x-ms-forwarded-client-ip.  When digging into Event Viewer I noticed the Base64 string in there and decoded it to find exactly what you described in the original post.

    I have no idea what may be causing it -- I'm looking for an answer, too.

    Friday, October 9, 2015 6:52 PM