Hi,
we have following setup
apache 2.4 on a ubuntu host, in front of docker-container with tomcat9 (on
same host).
Connection is via apache mod_http/proxy.
Internal IP of the host is 10.138.0.3 (where httpd and docker are running).
In localhost_access log we see always 10.138.0.3 address. If going through
port 8080 directly, without httpd, we see the correct IP-Address.
We have added RemoteIpValve to server xml.
<Valve className="org.apache.catalina.valves.RemoteIpValve"
remoteIpHeader="X-Forwarded-For"
protocolHeader="X-Forwarded-Proto"
internalProxies="10\.138\.0\.3"/>
http config also has ProxyAddHeaders on, also I understand that to be
default anyway:
ProxyPass / http://10.138.0.3:8080/
ProxyPassReverse / http://10.138.0.3:8080/
ProxyErrorOverride Off
ProxyAddHeaders On
<Proxy *>
Require all granted
ProxyAddHeaders On
</Proxy>
When we print out all headers in a request, the X-Forwarded-For is missing,
so obviously tomcat does something with it, but doesn't trust the httpd? So
probably the line internalProxies="10\.138\.0\.3" is wrong, bug I can't get
my head around it.
any help would be highly appreciated
kr
Leon
