Good morning all, the answers are [inline].
With kind regards Frank Am Dienstag, den 31.03.2020, 10:08 -0400 schrieb Christopher Schultz: > Frank, > > On 3/31/20 02:26, Frank Tornack wrote: > > I currently have a problem with Tomcat7, or rather a colleague has > > it. > > Which exact version of Tomcat 7? It is version: 7.0.76 > > > Personally I would like to help him, but I can't find the error > > myself. We already asked the question on stackoverflow.com and got > > a good hint, but unfortunately no solving. So I would like to ask > > for help and support here. I think I am violating the directive of > > asking a double question, but it is important to me personally to > > help this colleague. Therefore I am at least honest, the question > > can also be found at the link: > > https://stackoverflow.com/questions/60827540/tomcat-x-forwarded-for-do > esnt-work-with-load-balancer > > We run a software that uses Tomcat as application server behind a > > load balancer. Now we would like to record the initial address of > > the requests and not the IP of the load balancer. We have used > > these 3 websites for the setup, but unfortunately it does not work. > > The IPs of the loadbalancers are still written to the access log. > > https://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/valve > s/RemoteIpValve.html > > > https://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/valves/ > AccessLogValve.html > > https://tomcat.apache.org/tomcat-7.0-doc/config/valve.html#Remote_IP_V > alve > > You > are at least on the right track. Thank you. I had the hope not to run completely in the wrong direction. > > > We used the following configuration for access logging and remote > > valve: <Valve className="org.apache.catalina.valves.RemoteIpValve" > > internalProxies="xxx\.xxx\.xxx\.7|xxx\.xxx\.xxx\.8|xxx\.xxx\.xxx\.9 > > " > > r emoteIpHeader="X-Forwarded-For" /> <Valve > > className="org.apache.catalina.valves.AccessLogValve" > > directory="logs" prefix="access_log." suffix=".log" > > pattern="%{org.apache.catalina.AccessLog.RemoteAddr}r %l %u %t > > "%r" %s %b" requestAttributesEnabled="true" /> > > What is the IP address of your load-balancer(s)? One of those > xxx.xxx.xxx.[789]? the used load balancer uses three network cards in the Tomcat network. We have not yet set up a grouping of the network cards, so all IPs are listed here and linked with "or". > > > The request header 'X-Forwarded-For' was set and load balancer was > > analyzed via wireshark and Request Dumper Filter. We can see the > > header in both. However we still only get the IP of the load > > balancer and not the IP of the remote client. The IP adresses of > > the config have already been checked and they are correct. > > > > Thank you very much in advance for your support. > > Please post the <Connector> that you are using to receive requests > from your load-balancer. <Connector port="80" protocol="HTTP/1.1" connectionTimeout="200000" redirectPort="8443" URIEncoding="UTF-8" /> <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> > > Are you seeing any warnings/errors in your log file when Tomcat > starts? During the first few requests? There are some errors, but as far as I know only application errors and none from Tomcat itself. > > -chris > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
