Thanks, Pascal, for the helpful link you provided a couple weeks ago for confiuring RemoteIpValve for CAS when placing the CAS server behind a reverse proxy (load balancer). Based on the information in the link, I added lines to the cas.properties file, which are described in my Dec 19 post. However, CAS audit logs still show the IP address for the load balancer, not the client. I am not sure what I am missing. Assistance would be appreciated.
On Thursday, December 19, 2019 at 4:22:37 PM UTC-5, crdaudt wrote: > > OK, in the cas.properties files I have placed the following (for our > reverse proxy hosted at IP = 111.222.33.44): > > ----BEGIN---- > ... > server.tomcat.accesslog.directory=/var/log/tomcat > server.tomcat.accesslog.pattern=%h %l %u %t "%r" %s %b > server.use-forward-headers=true > server.tomcat.internal-proxies=111\\.222\\.33\\.44 > server.tomcat.remote-ip-header=x-forwarded-for > server.tomcat.protocol-header=x-forwarded-proto > logging.level.org.apache.catalina.valves.RemoteIpValve=DEBUG > ... > ----END---- > > However, the IP address field for /var/log/tomcat/access_log.<date>.log > still shows the IP address of our load balancer, not the client. > Am I missing something? > > > > On Wednesday, December 18, 2019 at 2:41:57 PM UTC-5, Pascal Rigaux wrote: >> >> On 18/12/2019 19:48, crdaudt wrote: >> >> > Is it possible to configure the embedded tomcat container with a >> RemoteIpValve setting? >> >> It is possible: >> https://docs.spring.io/spring-boot/docs/current/reference/html/howto.html#howto-use-tomcat-behind-a-proxy-server >> >> >> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8402d455-adc3-4ee0-a202-08309c46091b%40apereo.org.
