Hello, I'm trying to get the actual client IP address in the Tomcat access
logs rather than the 127.0.0.1 that's coming from nginx.
CentOS 7.6 (on AWS)
Amazon Coretto 1.8.0_222.b10-1.x86_64
Tomcat 8.5.45.0 (extracted from tar.gz)
Nginx 1.12.2 (very basic setup)
http (80) / https (443) to nginx
Tomcat running on 8080
localhost_access_log shows all requests coming from ip: 127.0.0.1
How do I get it to show the real IP address coming in through nginx ?
I've tried various combinations of these - and others (and in various
sections of the nginx.conf)...
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
I've tried adding this to Tomcat server.xml (in the Engine section):
<Valve className="org.apache.catalina.valves.RemoteIpValve"
internalProxies="127\.0\.[0-1]\.1"
remoteIpHeader="x-forwarded-for"
requestAttributesEnabled="true"
protocolHeader="x-forwarded-proto"
protocolHeaderHttpsValue="https"/>
(As well as trying changing https to http.)
I've also tried modifying this based on something I found online but it
didn't help:
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
Thanks.
