2

I went through a lot of posts related to this issue but I could not find a proper answer. Here is my problem:

I'm trying to enable request logging in Tomcat using AccessLogValve & RemoteIpValve in order to get the IP addresses that originated the request and not the IP from the Loadbalancer.

I have set my Tomacat as follows:

<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"  
prefix="access_log." suffix=".txt" 
pattern="%h %l %u %t &quot;%r&quot; %s %b %D"  
resolveHosts="false"/>

<Valve className="org.apache.catalina.valves.RemoteIpValve"
internalProxies="127\.0\.0\.1| +IP adress from the loadbalancer"
trustedProxies="127\.0\.0\.1| +IP adress from the loadbalancer"
remoteIpHeader="x-forwarded-for"
remoteIpProxiesHeader="x-forwarded-by"
protocolHeader="x-forwarded-proto"/>

As I am using Apache to proxy requests to Tomcat, I added the following to my httpd-vhosts.conf

<VirtualHost *:80>
...
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !http
RewriteRule !/status http://%{SERVER_NAME}%{REQUEST_URI} [L,R]

But still my logfiles display only the IP from my Loadbalancer.

So I guess I'missing something here and would deeply appreciate a little help. Thanks a bunch

Bruce
  • 21
  • 3
  • Aren't you using [mod_proxy](http://httpd.apache.org/docs/2.4/mod/mod_proxy.html) to do the reverse proxy work? – fvu Oct 22 '15 at 09:40
  • @fvu No I'm not. the loadbalancer is external and configured to support X-Forwarded-For. Apache logs contains both IP address from loadbalancer and the original one. However Tomcat logfiles does not. – Bruce Oct 22 '15 at 09:58
  • You write `remoteIpHeader="x-forwarded-for"` in all-lowercase, I think that's wrong. It could also be helpful to write a basic test servlet to inspect all headers that Tomcat actually sees. – fvu Oct 22 '15 at 11:06

0 Answers0