|Summary:||Regarding Tomcat Manager Application Status|
|Product:||Tomcat 7||Reporter:||Mali <bhatu.mali>|
|Component:||Manager||Assignee:||Tomcat Developers Mailing List <dev>|
|Attachments:||Tomcat Managet Status Page|
Description Mali 2014-01-06 08:28:39 UTC
In Tomcat Manager Application, when we browse status page report for currently running request, there is column name which shows Client IP address. If my tomcat is running Behind Proxy or Behind NGINX or Behind Apache Mod Proxy, then Client IP is IP address of Last Proxy. I have tried to pass X-Forwarded-For parameter but there is no change in Client IP address. Same problem exist in request.getRemoteAddr() (always returns proxy IP address) and Access Log Configuration (logs proxy IP address in access log file). It would be nice if we can incorporate X-Forwarded-For (or like wise HTTP_X_FORWARDED_FOR,Proxy-Client-IP etc) in above situations.
Comment 1 Christopher Schultz 2014-01-06 22:20:21 UTC
I think you may be looking for: http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#Remote_IP_Filter
Comment 2 Mark Thomas 2014-01-08 20:47:47 UTC
This is a configuration issue. As Chris pointed out, you need to configure either http://tomcat.apache.org/tomcat-7.0-doc/config/valve.html#Remote_IP_Valve or http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#Remote_IP_Filter If you need help doing that, the users list is the place to ask.
Comment 3 Mali 2014-01-17 07:13:11 UTC
Created attachment 31221 [details] Tomcat Managet Status Page
Comment 4 Mali 2014-01-17 07:18:25 UTC
Comment on attachment 31221 [details] Tomcat Managet Status Page Using "Remote IP Valve", access log writes proper IP of remote machine, but Tomcat Manager Status page still shows Proxy Servers IP adress as shows in screenshot. My Proxy server and Tomcat is in same machine as of now, so Tomcat Manager Status page shows Proxy Servers IP address as 127.0.0.1.
Comment 5 Mark Thomas 2014-01-17 09:30:02 UTC
OK, I'll take a look.
Comment 6 Mark Thomas 2014-01-19 19:48:22 UTC
The information you are looking at comes from the request processors. They look at the CoyoteRequest and that is not modified by the RemoteIp[Filter|Valve]. I'm currently pondering how to best address this.
Comment 7 Mark Thomas 2014-01-20 14:08:17 UTC
This has now been fixed in 8.0.x for 8.0.0 onwards and 7.0.x for 7.0.51 onwards.
Comment 8 pikachu 2014-05-05 08:31:25 UTC
Hello , We use Tomcat which comes bundled with SAP Business objects and the version of tomcat to use is more or less packaged (I am not very sure at the momemnt if we are allowed to patch it independently) Anyways, is it possible to downport this correction to 7.0.32 onwards please? Thx
Comment 9 Christopher Schultz 2014-05-05 14:01:14 UTC
The Tomcat team does not back-port patches to older versions of Tomcat. Instead, we release a new version. You are welcome to locate the apply the patch yourself, but it will be a source-level patch and you'll have to recompile from source yourself. Fortunately, building Tomcat 7 from source is dead simple. If you have further questions, please post to the Tomcat users' mailing list.