-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mark,
On 10/2/2009 10:45 AM, Mark Thomas wrote: > Christopher Schultz wrote: > >>>> 2. There are other valves like request filters that cannot work without the >>>> correct IP, as well as custom login valve. >>> Filters should be OK providing they are defined in the right order. >> >> Aren't all Valves always called before Filters? > > Yes. Okay, then a Filter isn't going to work for Elli, since they are trying to use a custom Valve for authentication which needs the IP address to be correct. On the other hand, they could just modify their custom authentication Valve to check for X-Forwarded-For /first/, and then callback to request.getRemoteAddress. I'm not sure why this is so confusing to everyone :) - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrGL1oACgkQ9CaO5/Lv0PBEgQCfUUX+bHt42WVnWLez9EZ9lxzK +7EAnjSrw0R20AeU7MLC2aHIj4lJ0Ja/ =RBVy -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org