You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Martin Knoblauch <sp...@knobisoft.de> on 2011/05/27 14:53:14 UTC
[users@httpd] Weird problerm accessing request headers from tomcat
Hi,
sorry for the crosspost, but I am not sure where to ask. I am trying to
understand a weird problem accessing HTTP request headers from a jsf page.
The setup is as follows:
apache1 -> apache2 -> mod_jk -> tomcat
Apache1 is accessible from the Internet and forwards requests to my application
to apache2. I have no direct control over the setup of apache1 and I cannot look
at the configuration. Apache2 (2.0.63 on Linux) is answering requests from the
intranet and forwards them via mod_jk (1.2.30) to two loadbanced tomcats (Linux,
6.0.32).
Apache1 inserts the following variables into the requests it forwards to
Apache1. Apache1 can see them, I have checked that using cgi-bin/printenv (some
values anonymized):
HTTP_X_FORWARDED_FOR="aa.bb.cc.dd"
HTTP_X_FORWARDED_HOST="xxx.yyy.net"
HTTP_X_FORWARDED_PORT="443"
HTTP_X_FORWARDED_PROTOCOL="https"
HTTP_X_FORWARDED_SERVER="aaa.bbb.ccc"
If I try to read those variables from the tomcat application using this
facelett code:
<h:outputText style="font: bold 14px sans-serif;"
value="X_FORWARDED_HOST: #{header['X_FORWARDED_HOST']}" />
<br />
<h:outputText style="font: bold 14px sans-serif;"
value="X_FORWARDED_PROTOCOL: #{header['X_FORWARDED_PROTOCOL']}"
/>
<br />
<h:outputText style="font: bold 14px sans-serif;"
value="X_FORWARDED_PORT: #{header['X_FORWARDED_PORT']}" />
<br />
<h:outputText style="font: bold 14px sans-serif;"
value="X_FORWARDED_FOR: #{header['X_FORWARDED_FOR']}" />
<br />
<h:outputText style="font: bold 14px sans-serif;"
value="X_FORWARDED_SERVER: #{header['X_FORWARDED_SERVER']}" />
<br />
Only X_FORWARDED_PORT and X_FORWARDED_PROTOCOL are set. The other three are
empty/null. It seem that somewhere they get dropped between Apache2, mod_jk and
Tomcat.
Now, I know that _PORT and _PROTOCOL are inserted at Apache1 using
'RequestHeader set X_FORWARDED_PROTOCOL "https"', while I do not know how the
other three are generated. If I add 'RequestHeader set X_FORWARDED_HOST
"xxx.yyy.net"' to the configuration from apache2, the application sees that
header as well. Confused? so am I :-(
Happy weekend
Martin
------------------------------------------------------
Martin Knoblauch
email: k n o b i AT knobisoft DOT de
www: http://www.knobisoft.de
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: Weird problerm accessing request headers from tomcat
Posted by Martin Knoblauch <sp...@knobisoft.de>.
Hi Martin,
the reverse proxy (gateway) in my case would be "apache1" me thinks. "apache2"
definitely does not use mod_proxy/ProxyPass. It is just loadbalancing two tomcat
instances using "mod_jk".
My problem is (maybe I was not clear) that "apache2" does see the
X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers apparently
added by "apache1", but that those are not visible in the requests reaching
tomcat. If, just as an experiment, I use "RequestHeader set" in the "apache2"
ssl configuration, tomcat sees them. Same is true for the "_PORT" and
"_PROTOCOL" headers that are added on "apache1" via "RequestHeader set".
Did I express myself better this time? There must be some handling differences
between headers added from mod_proxy (if that is used by apache1 I will not find
out before some time next week) and those added by mod_headers.
Thanks
Martin :-)
------------------------------------------------------
Martin Knoblauch
email: k n o b i AT knobisoft DOT de
www: http://www.knobisoft.de
----- Original Message ----
> From: Martin Gainty <mg...@hotmail.com>
> To: Tomcat Users List <us...@tomcat.apache.org>
> Sent: Fri, May 27, 2011 3:29:32 PM
> Subject: RE: Weird problerm accessing request headers from tomcat
>
>
> when your Apache2 is configured as reverse-proxy you are fowarding
>IP,RequestedHost and Proxy-Server specifically:
>
> When acting in a reverse-proxy mode (using the ProxyPass directive, for
>example),
> mod_proxy_http adds several request headers in
> order to pass information to the origin server. These headers
> are:
>
> X-Forwarded-ForThe IP address of the client.X-Forwarded-HostThe original
>host requested by the client in the Host
>
> HTTP request header.X-Forwarded-ServerThe hostname of the proxy
server.
>
> http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
>
> is this not the case?
> Martin
> ______________________________________________
>
>
>
>
>
>
> > Date: Fri, 27 May 2011 05:53:14 -0700
> > From: spamtrap@knobisoft.de
> > Subject: Weird problerm accessing request headers from tomcat
> > To: users@tomcat.apache.org; users@httpd.apache.org
> >
> > Hi,
> >
> > sorry for the crosspost, but I am not sure where to ask. I am trying to
> > understand a weird problem accessing HTTP request headers from a jsf page.
> >
> > The setup is as follows:
> >
> > apache1 -> apache2 -> mod_jk -> tomcat
> >
> > Apache1 is accessible from the Internet and forwards requests to my
>application
>
> > to apache2. I have no direct control over the setup of apache1 and I cannot
>look
>
> > at the configuration. Apache2 (2.0.63 on Linux) is answering requests from
>the
>
> > intranet and forwards them via mod_jk (1.2.30) to two loadbanced tomcats
>(Linux,
>
> > 6.0.32).
> >
> > Apache1 inserts the following variables into the requests it forwards to
> > Apache1. Apache1 can see them, I have checked that using cgi-bin/printenv
>(some
>
> > values anonymized):
> >
> > HTTP_X_FORWARDED_FOR="aa.bb.cc.dd"
> > HTTP_X_FORWARDED_HOST="xxx.yyy.net"
> > HTTP_X_FORWARDED_PORT="443"
> > HTTP_X_FORWARDED_PROTOCOL="https"
> > HTTP_X_FORWARDED_SERVER="aaa.bbb.ccc"
> >
> > If I try to read those variables from the tomcat application using this
> > facelett code:
> >
> > <h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_HOST: #{header['X_FORWARDED_HOST']}" />
> > <br />
> > <h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_PROTOCOL:
>#{header['X_FORWARDED_PROTOCOL']}"
>
> > />
> > <br />
> > <h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_PORT: #{header['X_FORWARDED_PORT']}" />
> > <br />
> > <h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_FOR: #{header['X_FORWARDED_FOR']}" />
> > <br />
> > <h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_SERVER: #{header['X_FORWARDED_SERVER']}"
>/>
> > <br />
> >
> >
> > Only X_FORWARDED_PORT and X_FORWARDED_PROTOCOL are set. The other three are
> > empty/null. It seem that somewhere they get dropped between Apache2, mod_jk
>and
>
> > Tomcat.
> >
> > Now, I know that _PORT and _PROTOCOL are inserted at Apache1 using
> > 'RequestHeader set X_FORWARDED_PROTOCOL "https"', while I do not know how
>the
>
> > other three are generated. If I add 'RequestHeader set X_FORWARDED_HOST
> > "xxx.yyy.net"' to the configuration from apache2, the application sees that
> > header as well. Confused? so am I :-(
> >
> > Happy weekend
> >
> > Martin
> > ------------------------------------------------------
> > Martin Knoblauch
> > email: k n o b i AT knobisoft DOT de
> > www: http://www.knobisoft.de
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: Weird problerm accessing request headers from tomcat
Posted by Martin Knoblauch <sp...@knobisoft.de>.
Hi Martin,
the reverse proxy (gateway) in my case would be "apache1" me thinks. "apache2"
definitely does not use mod_proxy/ProxyPass. It is just loadbalancing two tomcat
instances using "mod_jk".
My problem is (maybe I was not clear) that "apache2" does see the
X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers apparently
added by "apache1", but that those are not visible in the requests reaching
tomcat. If, just as an experiment, I use "RequestHeader set" in the "apache2"
ssl configuration, tomcat sees them. Same is true for the "_PORT" and
"_PROTOCOL" headers that are added on "apache1" via "RequestHeader set".
Did I express myself better this time? There must be some handling differences
between headers added from mod_proxy (if that is used by apache1 I will not find
out before some time next week) and those added by mod_headers.
Thanks
Martin :-)
------------------------------------------------------
Martin Knoblauch
email: k n o b i AT knobisoft DOT de
www: http://www.knobisoft.de
----- Original Message ----
> From: Martin Gainty <mg...@hotmail.com>
> To: Tomcat Users List <us...@tomcat.apache.org>
> Sent: Fri, May 27, 2011 3:29:32 PM
> Subject: RE: Weird problerm accessing request headers from tomcat
>
>
> when your Apache2 is configured as reverse-proxy you are fowarding
>IP,RequestedHost and Proxy-Server specifically:
>
> When acting in a reverse-proxy mode (using the ProxyPass directive, for
>example),
> mod_proxy_http adds several request headers in
> order to pass information to the origin server. These headers
> are:
>
> X-Forwarded-ForThe IP address of the client.X-Forwarded-HostThe original
>host requested by the client in the Host
>
> HTTP request header.X-Forwarded-ServerThe hostname of the proxy
server.
>
> http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
>
> is this not the case?
> Martin
> ______________________________________________
>
>
>
>
>
>
> > Date: Fri, 27 May 2011 05:53:14 -0700
> > From: spamtrap@knobisoft.de
> > Subject: Weird problerm accessing request headers from tomcat
> > To: users@tomcat.apache.org; users@httpd.apache.org
> >
> > Hi,
> >
> > sorry for the crosspost, but I am not sure where to ask. I am trying to
> > understand a weird problem accessing HTTP request headers from a jsf page.
> >
> > The setup is as follows:
> >
> > apache1 -> apache2 -> mod_jk -> tomcat
> >
> > Apache1 is accessible from the Internet and forwards requests to my
>application
>
> > to apache2. I have no direct control over the setup of apache1 and I cannot
>look
>
> > at the configuration. Apache2 (2.0.63 on Linux) is answering requests from
>the
>
> > intranet and forwards them via mod_jk (1.2.30) to two loadbanced tomcats
>(Linux,
>
> > 6.0.32).
> >
> > Apache1 inserts the following variables into the requests it forwards to
> > Apache1. Apache1 can see them, I have checked that using cgi-bin/printenv
>(some
>
> > values anonymized):
> >
> > HTTP_X_FORWARDED_FOR="aa.bb.cc.dd"
> > HTTP_X_FORWARDED_HOST="xxx.yyy.net"
> > HTTP_X_FORWARDED_PORT="443"
> > HTTP_X_FORWARDED_PROTOCOL="https"
> > HTTP_X_FORWARDED_SERVER="aaa.bbb.ccc"
> >
> > If I try to read those variables from the tomcat application using this
> > facelett code:
> >
> > <h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_HOST: #{header['X_FORWARDED_HOST']}" />
> > <br />
> > <h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_PROTOCOL:
>#{header['X_FORWARDED_PROTOCOL']}"
>
> > />
> > <br />
> > <h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_PORT: #{header['X_FORWARDED_PORT']}" />
> > <br />
> > <h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_FOR: #{header['X_FORWARDED_FOR']}" />
> > <br />
> > <h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_SERVER: #{header['X_FORWARDED_SERVER']}"
>/>
> > <br />
> >
> >
> > Only X_FORWARDED_PORT and X_FORWARDED_PROTOCOL are set. The other three are
> > empty/null. It seem that somewhere they get dropped between Apache2, mod_jk
>and
>
> > Tomcat.
> >
> > Now, I know that _PORT and _PROTOCOL are inserted at Apache1 using
> > 'RequestHeader set X_FORWARDED_PROTOCOL "https"', while I do not know how
>the
>
> > other three are generated. If I add 'RequestHeader set X_FORWARDED_HOST
> > "xxx.yyy.net"' to the configuration from apache2, the application sees that
> > header as well. Confused? so am I :-(
> >
> > Happy weekend
> >
> > Martin
> > ------------------------------------------------------
> > Martin Knoblauch
> > email: k n o b i AT knobisoft DOT de
> > www: http://www.knobisoft.de
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Weird problerm accessing request headers from tomcat
Posted by Martin Knoblauch <sp...@knobisoft.de>.
Hi Andre,
see below. You are not going to hear me slapping my face, but definitely doing
"ahhhh!" :-)
Cheers
Martin
------------------------------------------------------
Martin Knoblauch
email: k n o b i AT knobisoft DOT de
www: http://www.knobisoft.de
----- Original Message ----
> From: André Warnier <aw...@ice-sa.com>
> To: Tomcat Users List <us...@tomcat.apache.org>
> Sent: Fri, May 27, 2011 6:01:28 PM
> Subject: Re: Weird problerm accessing request headers from tomcat
>
> Hi.
>
> I believe that you are making the often-made confusion between "environment
>values" (or variables), and HTTP headers content.
> In particular, here :
>
seems you are right.
> >> Apache1 inserts the following variables into the requests it forwards to
>Apache1 (I suppose you meant Apache2 here)
>
> No. It does not do that. It adds some HTTP headers. This is different, see
>below.
>
> . Apache1 (I suppose you meant Apache2 here) can see them, I have checked that
>using cgi-bin/printenv (some
> >> values anonymized):
> >>
> >> HTTP_X_FORWARDED_FOR="aa.bb.cc.dd"
> >> HTTP_X_FORWARDED_HOST="xxx.yyy.net"
> >> HTTP_X_FORWARDED_PORT="443"
> >> HTTP_X_FORWARDED_PROTOCOL="https"
> >> HTTP_X_FORWARDED_SERVER="aaa.bbb.ccc"
> >>
> Your check does not show that at all. It shows something that is just
>confusing enough to get you confused as to what you are seeing. ;-)
>
> But you have excuses for your confusion, because the Apache documentation
>itself is very confusing as to "environment variables".
>
Indeed, the documentation leaves this pretty diffuse.
> What the cgi-bin script sees, are indeed "environment values".
> These are set by the Apache process (Apache2), just before it executes the
>cgi-bin script. So the cgi-bin script sees them in its environment when it
>runs.
> (like with $ENV{'HTTP_X_FORWARDED_PORT'})
>
> But there is no one-to-one relationship between what Apache finds in HTTP
>request headers, and the environment values which it sets for the cgi-bin
>scripts that it runs.
> Apache does "convert" some of the request HTTP header values into cgi-bin
>environment variables, but :
> - the name of the environment variable may be different from the corresponding
>HTTP header label (you see this yourself above : a HTTP header named
>"X-forwarded-for:" has been passed to the cgi-bin script as the environment
>value named "HTTP_X_FORWARDED_FOR")
> - not all HTTP headers are converted and passed that way
> - some environment values passed to the cgi-bin script are not, and never
>were, HTTP headers of the request (for example, the cgi-bin environment values
>"QUERY_STRING", or "SCRIPT_FILENAME")
>
Ok, that definitely explains what I am seeing.
> On the other hand :
>
> When a HTTP proxy server forwards a HTTP request to another HTTP server via
>the HTTP protocol, it forwards *all* the request headers and request content to
>this other server, as a HTTP request (otherwise, it would not be a valid HTTP
>proxy server). But it cannot forward "environment values", because there is no
>defined way of doing this over the HTTP protocol. (*)
>
>
> But now I see your second post, and your problem is in fact much simpler.
>
> By doing this :
> h:outputText style="font: bold 14px sans-serif;"
> > value="X_FORWARDED_HOST: #{header['X_FORWARDED_HOST']}" />
>
> what you are actually trying to retrieve, is the content of the HTTP request
>header
> "X_FORWARDED_HOST:" (I guess), but this HTTP header does not exist in the
>request.
> What you are giving as a HTTP header name, is actually what the cgi-bin
>environment value name was for your cgi-bin.
> Which, as I try to explain at long length above, is not the same thing.
>
> So you get back a null, and you think that the header was not there.
> But it is there, only under its real HTTP header name.
> Try something like
> value="X_FORWARDED_HOST: #{header['X-Forwarded-for']}" />"
> instead.
>
Yup, using "X-Forewarded-Host" works as expected. Thanks a big lot.
> (Noise of self-slap on face ?).
>
As I said above: no self slapping. Just amazement on how much there is still to
learn after all these years :-)
>
>
> (*) However, when the proxy protocol used is AJP (as it is between Apache and
>Tomcat when using the mod_jk connector, or the mod_proxy_ajp connector), /then/
>some additional values /can/ be passed along with the request (because the AJP
>protocol allows that). On the Tomcat side, these then appear as "request
>attributes" which the webapp can retrieve (via request.getAttribute(name)), but
>not as "environment values" of the Tomcat process for example.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Weird problerm accessing request headers from tomcat
Posted by André Warnier <aw...@ice-sa.com>.
Hi.
I believe that you are making the often-made confusion between "environment values" (or
variables), and HTTP headers content.
In particular, here :
>> Apache1 inserts the following variables into the requests it forwards to
>> Apache1 (I suppose you meant Apache2 here)
No. It does not do that. It adds some HTTP headers. This is different, see below.
. Apache1 (I suppose you meant Apache2 here) can see them, I have checked that using
cgi-bin/printenv (some
>> values anonymized):
>>
>> HTTP_X_FORWARDED_FOR="aa.bb.cc.dd"
>> HTTP_X_FORWARDED_HOST="xxx.yyy.net"
>> HTTP_X_FORWARDED_PORT="443"
>> HTTP_X_FORWARDED_PROTOCOL="https"
>> HTTP_X_FORWARDED_SERVER="aaa.bbb.ccc"
>>
Your check does not show that at all. It shows something that is just confusing enough to
get you confused as to what you are seeing. ;-)
But you have excuses for your confusion, because the Apache documentation itself is very
confusing as to "environment variables".
What the cgi-bin script sees, are indeed "environment values".
These are set by the Apache process (Apache2), just before it executes the cgi-bin script.
So the cgi-bin script sees them in its environment when it runs.
(like with $ENV{'HTTP_X_FORWARDED_PORT'})
But there is no one-to-one relationship between what Apache finds in HTTP request headers,
and the environment values which it sets for the cgi-bin scripts that it runs.
Apache does "convert" some of the request HTTP header values into cgi-bin environment
variables, but :
- the name of the environment variable may be different from the corresponding HTTP header
label (you see this yourself above : a HTTP header named "X-forwarded-for:" has been
passed to the cgi-bin script as the environment value named "HTTP_X_FORWARDED_FOR")
- not all HTTP headers are converted and passed that way
- some environment values passed to the cgi-bin script are not, and never were, HTTP
headers of the request (for example, the cgi-bin environment values "QUERY_STRING", or
"SCRIPT_FILENAME")
On the other hand :
When a HTTP proxy server forwards a HTTP request to another HTTP server via the HTTP
protocol, it forwards *all* the request headers and request content to this other server,
as a HTTP request (otherwise, it would not be a valid HTTP proxy server). But it cannot
forward "environment values", because there is no defined way of doing this over the HTTP
protocol. (*)
But now I see your second post, and your problem is in fact much simpler.
By doing this :
h:outputText style="font: bold 14px sans-serif;"
> value="X_FORWARDED_HOST: #{header['X_FORWARDED_HOST']}" />
what you are actually trying to retrieve, is the content of the HTTP request header
"X_FORWARDED_HOST:" (I guess), but this HTTP header does not exist in the request.
What you are giving as a HTTP header name, is actually what the cgi-bin environment value
name was for your cgi-bin.
Which, as I try to explain at long length above, is not the same thing.
So you get back a null, and you think that the header was not there.
But it is there, only under its real HTTP header name.
Try something like
value="X_FORWARDED_HOST: #{header['X-Forwarded-for']}" />"
instead.
(Noise of self-slap on face ?).
(*) However, when the proxy protocol used is AJP (as it is between Apache and Tomcat when
using the mod_jk connector, or the mod_proxy_ajp connector), /then/ some additional values
/can/ be passed along with the request (because the AJP protocol allows that). On the
Tomcat side, these then appear as "request attributes" which the webapp can retrieve (via
request.getAttribute(name)), but not as "environment values" of the Tomcat process for
example.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Weird problerm accessing request headers from tomcat
Posted by Martin Gainty <mg...@hotmail.com>.
when your Apache2 is configured as reverse-proxy you are fowarding IP,RequestedHost and Proxy-Server specifically:
When acting in a reverse-proxy mode (using the ProxyPass directive, for example),
mod_proxy_http adds several request headers in
order to pass information to the origin server. These headers
are:
X-Forwarded-ForThe IP address of the client.X-Forwarded-HostThe original host requested by the client in the Host
HTTP request header.X-Forwarded-ServerThe hostname of the proxy server.
http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
is this not the case?
Martin
______________________________________________
> Date: Fri, 27 May 2011 05:53:14 -0700
> From: spamtrap@knobisoft.de
> Subject: Weird problerm accessing request headers from tomcat
> To: users@tomcat.apache.org; users@httpd.apache.org
>
> Hi,
>
> sorry for the crosspost, but I am not sure where to ask. I am trying to
> understand a weird problem accessing HTTP request headers from a jsf page.
>
> The setup is as follows:
>
> apache1 -> apache2 -> mod_jk -> tomcat
>
> Apache1 is accessible from the Internet and forwards requests to my application
> to apache2. I have no direct control over the setup of apache1 and I cannot look
> at the configuration. Apache2 (2.0.63 on Linux) is answering requests from the
> intranet and forwards them via mod_jk (1.2.30) to two loadbanced tomcats (Linux,
> 6.0.32).
>
> Apache1 inserts the following variables into the requests it forwards to
> Apache1. Apache1 can see them, I have checked that using cgi-bin/printenv (some
> values anonymized):
>
> HTTP_X_FORWARDED_FOR="aa.bb.cc.dd"
> HTTP_X_FORWARDED_HOST="xxx.yyy.net"
> HTTP_X_FORWARDED_PORT="443"
> HTTP_X_FORWARDED_PROTOCOL="https"
> HTTP_X_FORWARDED_SERVER="aaa.bbb.ccc"
>
> If I try to read those variables from the tomcat application using this
> facelett code:
>
> <h:outputText style="font: bold 14px sans-serif;"
> value="X_FORWARDED_HOST: #{header['X_FORWARDED_HOST']}" />
> <br />
> <h:outputText style="font: bold 14px sans-serif;"
> value="X_FORWARDED_PROTOCOL: #{header['X_FORWARDED_PROTOCOL']}"
> />
> <br />
> <h:outputText style="font: bold 14px sans-serif;"
> value="X_FORWARDED_PORT: #{header['X_FORWARDED_PORT']}" />
> <br />
> <h:outputText style="font: bold 14px sans-serif;"
> value="X_FORWARDED_FOR: #{header['X_FORWARDED_FOR']}" />
> <br />
> <h:outputText style="font: bold 14px sans-serif;"
> value="X_FORWARDED_SERVER: #{header['X_FORWARDED_SERVER']}" />
> <br />
>
>
> Only X_FORWARDED_PORT and X_FORWARDED_PROTOCOL are set. The other three are
> empty/null. It seem that somewhere they get dropped between Apache2, mod_jk and
> Tomcat.
>
> Now, I know that _PORT and _PROTOCOL are inserted at Apache1 using
> 'RequestHeader set X_FORWARDED_PROTOCOL "https"', while I do not know how the
> other three are generated. If I add 'RequestHeader set X_FORWARDED_HOST
> "xxx.yyy.net"' to the configuration from apache2, the application sees that
> header as well. Confused? so am I :-(
>
> Happy weekend
>
> Martin
> ------------------------------------------------------
> Martin Knoblauch
> email: k n o b i AT knobisoft DOT de
> www: http://www.knobisoft.de
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>