Thanks for pointing out, but that didn’t work either .. (I also changed the
policy on the LB to inject in lower case x-forwarded-for thinking if it was
case sensitive?) .. Do i need a filter as well in web.xml ?
The below Header is a RESPONSE header, where i am injecting x-forwarded-for
<Valve className="org.apache.catalina.valves.RemoteIpValve"
internalProxies="10\.202\.13\.198"
trustedProxies="10\.202\.13\.198"
remoteIpHeader="x-forwarded-for"
proxiesHeader="x-forwarded-by"
requestAttributesEnabled="true"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
prefix="localhost_access_log"
suffix=".txt"
pattern="%t %a %h %{Referer}i %l %S %{User-Agent}i %U %s %r
%q %A %v %p %b %I %D"
requestAttributesEnabled="true"
resolveHosts="false”/>
Cache-Control:no-cache, must-revalidate
Content-Encoding:gzip
Content-Length:7918
Content-Security-Policy:frame-ancestors 'self'
Content-Type:text/html;charset=UTF-8
Date:Wed, 11 May 2016 19:06:37 GMT
Expires:Thu, 01 Jan 1970 00:00:00 GMT
Server:Apache-Coyote/1.1
Strict-Transport-Security:max-age=31536000; includeSubDomains
Vary:User-Agent
X-Accel-Buffering:no
X-AUSERNAME:admin
X-App-Cluster-Node:4e77b5e4
X-App-Cluster-Node-Name:app_beta_clus_node1
X-App-Request-Time:1462993597316
X-Content-Type-Options:nosniff
x-forwarded-for:1.1.1.1
X-Frame-Options:SAMEORIGIN
X-Seraph-LoginReason:OK
X-XSS-Protection:1; mode=block
On May 11, 2016, at 12:01 PM, Mark Thomas <ma...@apache.org> wrote:
On 11/05/2016 19:47, Abhijit Das wrote:
>
> down vote
> <>favorite
> <https://stackoverflow.com/questions/37170742/unable-to-retrieve-x-forwarded-for-in-tomcat-8-0-access-log#>
>
> I am injecting a header with a rewrite policy on my LB to pass
> X-Forwarded-For header. Have verified that this appears on all the pages in
> the RESPONSE Header.
>
> I have the following config in server.xml , yet i am not able to see the
> Remote IP/X-Forwarded-For either using %a or %h (I see Loadbalancer IP)
>
> What could be the issue?
>
> <Valve className="org.apache.catalina.valves.RemoteIpValve"
> internalProxies="10\.202\.13\.198"
> remoteIpHeader="X-Forwarded-For"
> proxiesHeader="x-forwarded-by"
> requestAttributesEnabled="true"
> />
> <Valve className="org.apache.catalina.valves.AccessLogValve"
> directory="logs"
> prefix="localhost_access_log"
> suffix=".txt"
> pattern="%t %a %h %{Referer}i %l %S %{User-Agent}i %U %s %r %q
> %A %v %p %b %I %D"
> requestAttributeEnabled="true"
typo ^^^
You are missing an 's'
Mark
> resolveHosts="false"/>
> Log ::
>
> [11/May/2016:11:29:39 -0700] 10.202.13.198 10.202.13.198
> https:///index.action - 04B3ADCF82A212C6ECD9679BF260732D Mozilla/5.0
> (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko)
> Chrome/50.0.2661.86 Safari/537.36
> /rest/mywork/latest/status/notification/count 200 GET
> /rest/mywork/latest/status/notification/count HTTP/1.1 10.202.10.17 443 72
> http-nio-8443-exec-17 13
>
> As you see : both %a and % h are : 10.202.13.198 10.202.13.198 (my LB IP)
>
>
> Snippet of my Resonse Header: showing my LB policy is injecting the
> X-Forwarded-For header.
>
> Cache-Control:private
> Content-Encoding:gzip
> Content-Type:application/json
> Date:Wed, 11 May 2016 17:58:55 GMT
> Expires:Wed, 31 Dec 1969 16:00:00 PST
> Server:Apache-Coyote/1.1
> Strict-Transport-Security:max-age=31536000; includeSubDomains
> Transfer-Encoding:chunked
> Vary:User-Agent
> X-AUSERNAME:admin
> X-App-Cluster-Node:4e77b660
> X-App-Cluster-Node-Name:app_prod_clus_node3
> X-Content-Type-Options:nosniff
> X-Forwarded-For:1.1.1.1
> X-Seraph-LoginReason:OK
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
