[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [jetty-users] getRemoteAddr() returning private ip number
|
Just stumbled upon the same issue...
In my case the original X-Forwarded-* headers were of no interest and
could simply be erased, using Apache's mod_headers:
RequestHeader unset X-Forwarded-For
RequestHeader unset X-Forwarded-Host
RequestHeader unset X-Forwarded-Server
RequestHeader set X-Forwarded-Proto https env=HTTPS
RequestHeader set X-Forwarded-Proto http env=!HTTPS
ProxyPass ...
On Mon, 11 Jul 2011 20:06:38 +0200, Tore Halset <halset@xxxxxxxxxxx> wrote:
Hello.
With forwarding turned on, it looks like
HttpServletRequest#getRemoteAddr() return the leftmost element of
"X-Forwarded-For", but I expected the rightmost element. Is this the
expected behavior of jetty?
Please note that I am using forwarded=true on the connector and
"ProxyPreserveHost On" in Apache httpd.
For now, I will parse the header my self.
Regards,
- Tore.
On Jul 11, 2011, at 17:34 , Tore Halset wrote:
Thanks. I already have forwarded=true set in etc/jetty.xml
<Call name="addConnector">
<Arg>
<New
class="org.eclipse.jetty.server.nio.SelectChannelConnector">
<Set name="host"><Property name="jetty.host" /></Set>
<Set name="port"><SystemProperty name="jetty.port"
default="8080"/></Set>
<Set name="forwarded">true</Set>
</New>
</Arg>
</Call>
Any more hints?
Regards,
- Tore.
On Jul 11, 2011, at 16:23 , Chad La Joie wrote:
Please review the documentation for setting up Jetty behind Apache:
http://wiki.eclipse.org/Jetty/Tutorial/Apache
It covers this use case.
On 7/11/11 10:19 AM, Tore Halset wrote:
Hello.
We have an installation with jetty 7.3.0.v20110203 behind a Apache
http server (not using ajp, just http). For one particular client,
HttpServletRequest#getRemoteAddr() return the private ip number
starting with "10." used inside the clients network. I expected to
see the clients public external ip address. The correct external ip
number is reported in the request log.
Should I use something else than HttpServletRequest#getRemoteAddr()?
Regards,
- Tore.
