You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "Abernathy, Don" <DA...@MFS.com> on 2016/03/20 14:15:07 UTC
[users@httpd] Questions on getting Remote Address of client via Apache
We are running Apache behind an F5 fronting JAVA Container (WebSphere) and the JAVA code makes an HttpServletRequest.getRemoteAddr() request to get IP.
The IP I am told is the one that the CGI REMOTE_ADDR server parameter of Apache provides, but when I try to log that value to see what it is, I get null.
I am under the impression that there is no setting to turn on, but that it should work.
I will note that the Apache I am running is the IBM Version, known as IBM Http Server.
I have asked the my team to look at using X-Forwarded-User, but how would I set it up so that the query for IP returns that, or do we ask the JAVA Developer to change the
Code to support checking for X-Forwarded-User, NOT getRemoteAddr?
Thanks
Don Abernathy
Group Manager- Web Services
MFS Investment Management
MFS Email system made the following annotation
---------------------------------------------------------------------------------------------------------------------------------------
This email communication and any attachments may contain proprietary, confidential, or privileged information. If you are not the intended recipient, you are hereby notified that you have received this email in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. The sender does not waive confidentiality or any privilege by mistransmission. If you have received this email in error, please notify the sender immediately, delete this email, and destroy all copies and any attachments.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Questions on getting Remote Address of client via
Apache
Posted by "Abernathy, Don" <DA...@MFS.com>.
Thanks, was able to figure that that all though logging of the value was intermittent, If I assigned it to another value, say CLIENTIP, I could consistently log that, so now I know it is there.
I like this idea too.
Don Abernathy
Group Manager- Web Services
T: 617-954-4127
MFS Investment Management
111 Huntington Ave, Boston, MA 02199
From: Aurélien Terrestris [mailto:aterrestris@gmail.com]
Sent: Monday, March 21, 2016 4:35 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Questions on getting Remote Address of client via Apache
Hello,
I have something similar but I run Tomcat instead of IBM. We use F5/Apache 2.4/Tomcat , and please note this an Apache that I compile myself.
This is what I do to resolve this problem :
-download mod_rapf-0.6
-download rpaf patch ( http://www.be-root.com/downloads/mod_rpaf/mod_rpaf-2.0.patch ) and apply it ( patch -p0 < mod_rpaf-2.0.patch)
-compile mod_rpaf ( example : /usr/local/httpd-2.4.12/bin/apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c )
-load and configure the module in httpd.conf :
LoadModule rpaf_module modules/mod_rpaf.so
<IfModule rpaf_module>
RPAFenable On
RPAFproxy_ips 127.0.0.1 (and others ip if needed)
RPAFsethostname On
</IfModule>
-at the tomcat level I need to configure a special logging valve
<Valve className="org.apache.catalina.valves.RemoteIpValve" />
2016-03-20 14:15 GMT+01:00 Abernathy, Don <DA...@mfs.com>:
We are running Apache behind an F5 fronting JAVA Container (WebSphere) and the JAVA code makes an HttpServletRequest.getRemoteAddr() request to get IP.
The IP I am told is the one that the CGI REMOTE_ADDR server parameter of Apache provides, but when I try to log that value to see what it is, I get null.
I am under the impression that there is no setting to turn on, but that it should work.
I will note that the Apache I am running is the IBM Version, known as IBM Http Server.
I have asked the my team to look at using X-Forwarded-User, but how would I set it up so that the query for IP returns that, or do we ask the JAVA Developer to change the
Code to support checking for X-Forwarded-User, NOT getRemoteAddr?
Thanks
Don Abernathy
Group Manager- Web Services
MFS Investment Management
MFS Email system made the following annotation
---------------------------------------------------------------------------------------------------------------------------------------
This email communication and any attachments may contain proprietary, confidential, or privileged information. If you are not the intended recipient, you are hereby notified that you have received this email in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. The sender does not waive confidentiality or any privilege by mistransmission. If you have received this email in error, please notify the sender immediately, delete this email, and destroy all copies and any attachments.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
MFS Email system made the following annotation
---------------------------------------------------------------------------------------------------------------------------------------
This email communication and any attachments may contain proprietary, confidential, or privileged information. If you are not the intended recipient, you are hereby notified that you have received this email in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. The sender does not waive confidentiality or any privilege by mistransmission. If you have received this email in error, please notify the sender immediately, delete this email, and destroy all copies and any attachments.
Re: [users@httpd] Questions on getting Remote Address of client via Apache
Posted by Aurélien Terrestris <at...@gmail.com>.
Hello,
I have something similar but I run Tomcat instead of IBM. We use F5/Apache
2.4/Tomcat , and please note this an Apache that I compile myself.
This is what I do to resolve this problem :
-download mod_rapf-0.6
-download rpaf patch (
http://www.be-root.com/downloads/mod_rpaf/mod_rpaf-2.0.patch ) and apply it
( patch -p0 < mod_rpaf-2.0.patch)
-compile mod_rpaf ( example : /usr/local/httpd-2.4.12/bin/apxs -i -c -n
mod_rpaf-2.0.so mod_rpaf-2.0.c )
-load and configure the module in httpd.conf :
LoadModule rpaf_module modules/mod_rpaf.so
<IfModule rpaf_module>
RPAFenable On
RPAFproxy_ips 127.0.0.1 (and others ip if needed)
RPAFsethostname On
</IfModule>
-at the tomcat level I need to configure a special logging valve
<Valve className="org.apache.catalina.valves.RemoteIpValve" />
2016-03-20 14:15 GMT+01:00 Abernathy, Don <DA...@mfs.com>:
> We are running Apache behind an F5 fronting JAVA Container (WebSphere) and
> the JAVA code makes an HttpServletRequest.getRemoteAddr() request to get IP.
> The IP I am told is the one that the CGI REMOTE_ADDR server parameter of
> Apache provides, but when I try to log that value to see what it is, I get
> null.
> I am under the impression that there is no setting to turn on, but that it
> should work.
> I will note that the Apache I am running is the IBM Version, known as IBM
> Http Server.
>
> I have asked the my team to look at using X-Forwarded-User, but how would
> I set it up so that the query for IP returns that, or do we ask the JAVA
> Developer to change the
> Code to support checking for X-Forwarded-User, NOT getRemoteAddr?
>
> Thanks
>
>
> Don Abernathy
> Group Manager- Web Services
> MFS Investment Management
> MFS Email system made the following annotation
>
> ---------------------------------------------------------------------------------------------------------------------------------------
> This email communication and any attachments may contain proprietary,
> confidential, or privileged information. If you are not the intended
> recipient, you are hereby notified that you have received this email in
> error and that any review, disclosure, dissemination, distribution or
> copying of it or its contents is prohibited. The sender does not waive
> confidentiality or any privilege by mistransmission. If you have received
> this email in error, please notify the sender immediately, delete this
> email, and destroy all copies and any attachments.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>