You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Martin Knoblauch <sp...@knobisoft.de> on 2011/05/27 16:45:29 UTC
[users@httpd] Re: Weird problerm accessing request headers from tomcat
Hi Martin,
the reverse proxy (gateway) in my case would be "apache1" me thinks. "apache2"
definitely does not use mod_proxy/ProxyPass. It is just loadbalancing two tomcat
instances using "mod_jk".
My problem is (maybe I was not clear) that "apache2" does see the
X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers apparently
added by "apache1", but that those are not visible in the requests reaching
tomcat. If, just as an experiment, I use "RequestHeader set" in the "apache2"
ssl configuration, tomcat sees them. Same is true for the "_PORT" and
"_PROTOCOL" headers that are added on "apache1" via "RequestHeader set".
Did I express myself better this time? There must be some handling differences
between headers added from mod_proxy (if that is used by apache1 I will not find
out before some time next week) and those added by mod_headers.
Thanks
Martin :-)
------------------------------------------------------
Martin Knoblauch
email: k n o b i AT knobisoft DOT de
www: http://www.knobisoft.de
----- Original Message ----
> From: Martin Gainty <mg...@hotmail.com>
> To: Tomcat Users List <us...@tomcat.apache.org>
> Sent: Fri, May 27, 2011 3:29:32 PM
> Subject: RE: Weird problerm accessing request headers from tomcat
>
>
> when your Apache2 is configured as reverse-proxy you are fowarding
>IP,RequestedHost and Proxy-Server specifically:
>
> When acting in a reverse-proxy mode (using the ProxyPass directive, for
>example),
> mod_proxy_http adds several request headers in
> order to pass information to the origin server. These headers
> are:
>
> X-Forwarded-ForThe IP address of the client.X-Forwarded-HostThe original
>host requested by the client in the Host
>
> HTTP request header.X-Forwarded-ServerThe hostname of the proxy
server.
>
> http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
>
> is this not the case?
> Martin
> ______________________________________________
>
>
>
>
>
>
> > Date: Fri, 27 May 2011 05:53:14 -0700
> > From: spamtrap@knobisoft.de
> > Subject: Weird problerm accessing request headers from tomcat
> > To: users@tomcat.apache.org; users@httpd.apache.org
> >
> > Hi,
> >
> > sorry for the crosspost, but I am not sure where to ask. I am trying to
> > understand a weird problem accessing HTTP request headers from a jsf page.
> >
> > The setup is as follows:
> >
> > apache1 -> apache2 -> mod_jk -> tomcat
> >
> > Apache1 is accessible from the Internet and forwards requests to my
>application
>
> > to apache2. I have no direct control over the setup of apache1 and I cannot
>look
>
> > at the configuration. Apache2 (2.0.63 on Linux) is answering requests from
>the
>
> > intranet and forwards them via mod_jk (1.2.30) to two loadbanced tomcats
>(Linux,
>
> > 6.0.32).
> >
> > Apache1 inserts the following variables into the requests it forwards to
> > Apache1. Apache1 can see them, I have checked that using cgi-bin/printenv
>(some
>
> > values anonymized):
> >
> > HTTP_X_FORWARDED_FOR="aa.bb.cc.dd"
> > HTTP_X_FORWARDED_HOST="xxx.yyy.net"
> > HTTP_X_FORWARDED_PORT="443"
> > HTTP_X_FORWARDED_PROTOCOL="https"
> > HTTP_X_FORWARDED_SERVER="aaa.bbb.ccc"
> >
> > If I try to read those variables from the tomcat application using this
> > facelett code:
> >
> > <h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_HOST: #{header['X_FORWARDED_HOST']}" />
> > <br />
> > <h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_PROTOCOL:
>#{header['X_FORWARDED_PROTOCOL']}"
>
> > />
> > <br />
> > <h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_PORT: #{header['X_FORWARDED_PORT']}" />
> > <br />
> > <h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_FOR: #{header['X_FORWARDED_FOR']}" />
> > <br />
> > <h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_SERVER: #{header['X_FORWARDED_SERVER']}"
>/>
> > <br />
> >
> >
> > Only X_FORWARDED_PORT and X_FORWARDED_PROTOCOL are set. The other three are
> > empty/null. It seem that somewhere they get dropped between Apache2, mod_jk
>and
>
> > Tomcat.
> >
> > Now, I know that _PORT and _PROTOCOL are inserted at Apache1 using
> > 'RequestHeader set X_FORWARDED_PROTOCOL "https"', while I do not know how
>the
>
> > other three are generated. If I add 'RequestHeader set X_FORWARDED_HOST
> > "xxx.yyy.net"' to the configuration from apache2, the application sees that
> > header as well. Confused? so am I :-(
> >
> > Happy weekend
> >
> > Martin
> > ------------------------------------------------------
> > Martin Knoblauch
> > email: k n o b i AT knobisoft DOT de
> > www: http://www.knobisoft.de
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org