A method of securely communicating a network address of a client that issues
service
requests to a first server that proxies the service requests for a second server.
A network address of the client is received. A processor determines whether a first
network address of the first server is equal to a second network address of the
second server. The network address of the client is sent from the first server
to the second server in a secure request message only when the first network address
of the first server is equal to the second network address of the second server.
Accordingly, a secure communications protocol is provided in which an address of
a requesting client, e.g., an IP address, is passed in the protocol only among
a responding server and its proxy, thereby preventing interception of the client
IP address by unauthorized processes. By enforcing a policy that permits the network
address of an originating host to pass from a first server to a second server only
when the network address of the second server meets specified criteria (e.g., it
is the same network address as that of the first server), the originating host
address can be passed securely through a proxy server.