Christopher Schultz
2018-11-28 17:20:07 UTC
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
All,
I'm looking at moving from mod_jk to mod_proxy_http and I'm finding
that a few things don't work "out of the box" like they did with
mod_jk. Specifically, I'm talking about auto-setting values such as
the server name and port that the application sees as the client's
server name and port.
With no specific configuration, this is what the server reports for
various request values (in a JSP, not an access log file, so this is
what the application can see):
serverName localhost
serverPort 8217
The above are accurate: the server is indeed listening on port 8217
and the reverse-proxy is on the same machine as Tomcat.
I get these HTTP request headers added by the reverse-proxy:
x-forwarded-for ::1
x-forwarded-host localhost
x-forwarded-server Christophers-MacBook-Pro-2.local
I am indeed requesting http://localhost/appname/whatever, so these
values are correct.
When enabling the RemoteIpValve in my <Engine> like this:
<Valve className="org.apache.catalina.valves.RemoteIpValve" />
Things change a bit. A few HTTP headers are removed from the
application's view, probably because they have been consumed by the
RemoteIpValve:
x-forwarded-host localhost
x-forwarded-server Christophers-MacBook-Pro-2.local
x-forwarded-for [missing/removed]
But I still see the same values from the request:
serverName localhost
serverPort 8217
The first makes sense... localhost is still the name of the server,
but the port number is wrong. I would expect that to be 80. But I can
see that mod_proxy_http is not providing a port number to Tomcat.
I can explicitly set the port number to e.g. 80 in the connector:
<Connector .... proxyPort="80" />
...and then I get the expected values.
On the other hand, it looks like everything actually *works* without
fixing-up the port issue. Is that because the "host" contains
everything necessary to re-build URLs for redirects, etc.?
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv+zkYACgkQHPApP6U8
pFgZ6w//ejGz/ZVJJoVrSNbtHcjP/8DYjDRM4iHEaoU4p3i34IzaSfeK1kacvOCl
mdE5RIJo+9y0zOmws33wKZCJelqi2gmhQZFnJeDp2G6BVAnO/ahtIe9cxl31sp3Y
Dz2Hd/EIr/piWvBDsJ2MjZiw0CywQo/XgvjMgmHvUr9o8iKbCWj24NvPSPkNj+iB
a13t1fZMaI/y+2R/EwqqQsjY4+kkJL9JKTNUPEmTNa+KyCurtRNgG+/cmSn/hWmv
pmig7PWjoA3kbdMHDlPifJ0zJiE8KSo+wwLJDchiGC7lQPzVAUkh9yYG6rZCqGI7
46S+I0CydcEo9qqy+7tLyE1XTgM0YiE5FqhYHw9mlkI9MPxqzxi8wPZuKcjzoy5L
Luaq1XgHdsQqzJqlUdREoBBDfXtpELEczb0sqTK+su6YqUl05qUnTo6rHDPgFvsn
zeVP9ypGH5HE+6oRRDAGdw+j4Wv7m8NjpbxgcJorpMBTHUdkjezMEjpnzSNeZem+
7cqqQIaPQEOf0QLlrtexHyENkJgoYg3XZ8I6Me7qUDvqbsrmGHY4N1DrVd1EkIrB
iYKb66BkPRoGdDJ/TjhQe6RtqfH0uJ7rtjvDQljWlYTHp71CLbR6CYP4b4KshCcj
1siCqgtmASfs9xUqxP3oj6EgODYmdDkoPS9ep6iuxqBi+nrLVkQ=
=fQTE
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-***@tomcat.apache.org
For additional commands, e-mail: users-***@tomcat.apache.org
Hash: SHA256
All,
I'm looking at moving from mod_jk to mod_proxy_http and I'm finding
that a few things don't work "out of the box" like they did with
mod_jk. Specifically, I'm talking about auto-setting values such as
the server name and port that the application sees as the client's
server name and port.
With no specific configuration, this is what the server reports for
various request values (in a JSP, not an access log file, so this is
what the application can see):
serverName localhost
serverPort 8217
The above are accurate: the server is indeed listening on port 8217
and the reverse-proxy is on the same machine as Tomcat.
I get these HTTP request headers added by the reverse-proxy:
x-forwarded-for ::1
x-forwarded-host localhost
x-forwarded-server Christophers-MacBook-Pro-2.local
I am indeed requesting http://localhost/appname/whatever, so these
values are correct.
When enabling the RemoteIpValve in my <Engine> like this:
<Valve className="org.apache.catalina.valves.RemoteIpValve" />
Things change a bit. A few HTTP headers are removed from the
application's view, probably because they have been consumed by the
RemoteIpValve:
x-forwarded-host localhost
x-forwarded-server Christophers-MacBook-Pro-2.local
x-forwarded-for [missing/removed]
But I still see the same values from the request:
serverName localhost
serverPort 8217
The first makes sense... localhost is still the name of the server,
but the port number is wrong. I would expect that to be 80. But I can
see that mod_proxy_http is not providing a port number to Tomcat.
I can explicitly set the port number to e.g. 80 in the connector:
<Connector .... proxyPort="80" />
...and then I get the expected values.
On the other hand, it looks like everything actually *works* without
fixing-up the port issue. Is that because the "host" contains
everything necessary to re-build URLs for redirects, etc.?
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv+zkYACgkQHPApP6U8
pFgZ6w//ejGz/ZVJJoVrSNbtHcjP/8DYjDRM4iHEaoU4p3i34IzaSfeK1kacvOCl
mdE5RIJo+9y0zOmws33wKZCJelqi2gmhQZFnJeDp2G6BVAnO/ahtIe9cxl31sp3Y
Dz2Hd/EIr/piWvBDsJ2MjZiw0CywQo/XgvjMgmHvUr9o8iKbCWj24NvPSPkNj+iB
a13t1fZMaI/y+2R/EwqqQsjY4+kkJL9JKTNUPEmTNa+KyCurtRNgG+/cmSn/hWmv
pmig7PWjoA3kbdMHDlPifJ0zJiE8KSo+wwLJDchiGC7lQPzVAUkh9yYG6rZCqGI7
46S+I0CydcEo9qqy+7tLyE1XTgM0YiE5FqhYHw9mlkI9MPxqzxi8wPZuKcjzoy5L
Luaq1XgHdsQqzJqlUdREoBBDfXtpELEczb0sqTK+su6YqUl05qUnTo6rHDPgFvsn
zeVP9ypGH5HE+6oRRDAGdw+j4Wv7m8NjpbxgcJorpMBTHUdkjezMEjpnzSNeZem+
7cqqQIaPQEOf0QLlrtexHyENkJgoYg3XZ8I6Me7qUDvqbsrmGHY4N1DrVd1EkIrB
iYKb66BkPRoGdDJ/TjhQe6RtqfH0uJ7rtjvDQljWlYTHp71CLbR6CYP4b4KshCcj
1siCqgtmASfs9xUqxP3oj6EgODYmdDkoPS9ep6iuxqBi+nrLVkQ=
=fQTE
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-***@tomcat.apache.org
For additional commands, e-mail: users-***@tomcat.apache.org