After processing the request, the RemoteIPValve resets the RemoteAddr to its original value. The Header Fields X-Forwarded-By and X-Forwarded-For, that may have also been changed will not be reset to their original values. This leads to an inconsistent state of the request after processing: Before: RemoteAddr: 192.168.1.1 X-Forwarded-For: 88.77.66.55 After: RemoteAddr: 192.168.1.1 X-Forwarded-For: null So, the information that is probably most valuable to me is now neither in the RemoteAddr, nor in the X-Forwarded-For header. This may cause problems, because Access Logging is done after request processing. Depending on your logging config, the True Client IP will be completly lost from the logs. A workaround may be to set requestAttributesEnabled=true and log those attributes.
Fixed in trunk for 9.0.x and in 8.0.x for 8.0.23 onwards.