Configuring services and adapters

Guidance for using services and adapters in Sterling B2B Integrator is provided.

Client IP feature

Sterling B2B Integrator, when used with Sterling Secure Proxy for file transfer using SFTP or FTP adapters, records the IP address of Sterling Secure Proxy as the client IP address instead of the IP address of the actual client that is connected from Sterling Secure Proxy.

The Client IP feature allows you to record the initiating client IP address, which is required by several clients for regulatory requirements.

Prerequisite:

Firewall configuration must allow the IP address to pass through Sterling External Authentication Server.

Enabling Client IP feature:

A new property, client_ip_correlation_enabled=false is added to jdbc.properties_platform_ifcbase_ext.in with default value of false.
Note: Client IP feature is disabled by default.
Perform the following to enable the feature:
  1. Add the following line to the customer_Override.properties file:

    jdbcService.client_ip_correlation_enabled=true

  2. Run ./setupfiles.sh.
After you enable the feature, every file transfer using put or get request, using SFTP, FTP, or SFTP Server Adapter 2.0, records the client IP address in the correlation_set table.

Key for Put request:
"Put.auth.ipAddress"

Key for Get request:
"Get.auth.ipAddress"

The system receives auth.ipAddress information from Sterling External Authentication Server at the time of token validation. Upon enabling the Client IP feature, Sterling B2B Integrator invokes a new authentication API where Sterling External Authentication Server passes auth.ipAddress.

You can enable this feature on Sterling B2B Integrator along with Sterling External Authentication Server supporting it in parallel. For more information, see the compatibility matrix.
Sterling B2B Integrator Sterling Secure Proxy Sterling External Authentication Server Client IP feature support
6.1.1 v6.0.2.0 iFix03 v6.0.2.0 iFix03 Yes
6.1.1 v6.0.2.0 iFix02 v6.0.2.0 iFix02 No
Important: In the above matrix, when you indicate support for Client IP feature as 'No', the existing correlations are generated but not Put.auth.readdress and Get.auth.ipAddress.
Note:
  • Since the properties are recorded as correlation for protocol adapters, you must enable the corresponding protocol adapter to log the correlation.

    For example: The makeCorrelationForFTP or makeCorrelationForSFTP must be marked as true in the doc_tracking.properties file. The default value is true.

  • Only SFTP, FTP, and SFTP Server Adapter 2.0 supports the Client IP feature.
  • Global Mailbox and File System Provider does not support the Client IP feature.