You are viewing a plain text version of this content. The canonical link for it is here.
Posted to httpclient-users@hc.apache.org by Joan Balagueró <jo...@grupoventus.com> on 2013/07/30 18:02:33 UTC

IP transparency

Hello,

 

I have developed a proxy servlet with an xml cache, running in a Tomcat 6. 

 

When the incoming xml request is not found in the proxy cache, I use
HttpClient 4.2.5 to create a new http request (PoolingConnection) and
redirect it to the client application servers to get the xml response. 

 

So far, everything worked ok with all our clients. But now we’ve a client
that needs ip transparency. Then, the request created by httpclient needs to
include the origin ip address, not the proxy ip (the client app reads this
IP using request.getRemoteAddr(), and this is something that they cannot
change now. Therefore, things like adding a ‘X-Forwarded-for’ header cannot
be implemented in this scenario).

 

Is this possible? Has anyone found an scenario like this?

 

Thanks in advance,

 

Joan.

Re: IP transparency

Posted by Oleg Kalnichevski <ol...@apache.org>.
On Tue, 2013-07-30 at 18:02 +0200, Joan Balagueró wrote:
> Hello,
> 
>  
> 
> I have developed a proxy servlet with an xml cache, running in a Tomcat 6. 
> 
>  
> 
> When the incoming xml request is not found in the proxy cache, I use
> HttpClient 4.2.5 to create a new http request (PoolingConnection) and
> redirect it to the client application servers to get the xml response. 
> 
>  
> 
> So far, everything worked ok with all our clients. But now we’ve a client
> that needs ip transparency. Then, the request created by httpclient needs to
> include the origin ip address, not the proxy ip (the client app reads this
> IP using request.getRemoteAddr(), and this is something that they cannot
> change now. Therefore, things like adding a ‘X-Forwarded-for’ header cannot
> be implemented in this scenario).
> 
>  
> 
> Is this possible? Has anyone found an scenario like this?
> 

What you are describing effectively amounts to IP address spoofing. I do
not think this can be done with java.

Oleg



---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org