Sanjeewa,
What is the purpose of
<property name="X-Forwarded-For" expression="*fn:concat(get-**
property('clientIP'),get-property('coming-X-Forwarded-**For'))*"
scope="transport" type="STRING"/>
You are concatenating the clientIP and coming-X-Forwarded-For property
values. So the outgoing X-Forwarded-For header from the ELB will be a
concatenation of the two ip addresses. Is it right to have it that way?
Thanks,
NuwanD.
On Fri, Oct 25, 2013 at 1:20 AM, Sanjeewa Malalgoda <[email protected]>wrote:
> No, load balancer will not drop any header(x forward for). But we do not
> add client ip to x forward for header list. Normally all hardware load
> balancers do that. Here issue is when request come to load balancer it
> will replace client IP with load balancers IP. So eventually actual back
> end server does not aware about client IP. We can achieve this by adding
> following configuration to load balancers main sequence. I think we need to
> add this to default load balancer configuration.
>
> <property name="coming-X-Forwarded-For"
> expression="get-property('transport','X-Forwarded-For')"/>
> <property name="clientIP"
> expression="fn:concat(get-property('axis2','REMOTE_ADDR'),', ')"/>
> <property name="X-Forwarded-For"
> expression="fn:concat(get-property('clientIP'),get-property('coming-X-Forwarded-For'))"
> scope="transport" type="STRING"/>
>
> Thanks,
> sanjeewa.
>
>
> On Thu, Oct 24, 2013 at 5:17 PM, Kishanthan Thangarajah <
> [email protected]> wrote:
>
>> Are you saying that currently load-balancer drops this header even though
>> you send it? or only the IP of load-balancer get missed, but the client's
>> IP goes through with the header, hence we need to append the IP of
>> load-balancer?
>>
>>
>> On Thu, Oct 24, 2013 at 3:38 PM, Sanjeewa Malalgoda <[email protected]>wrote:
>>
>>> Hi Team,
>>> Normally when requests pass through load balancers client IP for
>>> actual back end server would be load balancers IP. But sometimes
>>> actual back end server may need actual client and load balancers (all load
>>> balancers message passed) IPs to tracing message flows. In such cases
>>> normally we use X-Forwarded-For[1] header. So i think we should add
>>> it to our elastic load balancer by default. Adding following configuration
>>> to main sequence will work. Also if header is already present we should
>>> append ip by separating ",".
>>>
>>>
>>> <property name="X-Forwarded-For"
>>> expression="get-property('axis2','REMOTE_ADDR')" scope="transport"
>>> type="STRING"/>
>>>
>>>
>>> [1]http://en.wikipedia.org/wiki/X-Forwarded-For
>>>
>>> Thanks,
>>> sanjeewa.
>>> --
>>> *
>>> *
>>> *Sanjeewa Malalgoda*
>>> Senior Software Engineer
>>> WSO2 Inc.
>>> Mobile : +94713068779
>>>
>>> <http://sanjeewamalalgoda.blogspot.com/>blog
>>> :http://sanjeewamalalgoda.blogspot.com/<http://sanjeewamalalgoda.blogspot.com/>
>>>
>>>
>>>
>>> _______________________________________________
>>> Dev mailing list
>>> [email protected]
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> *Kishanthan Thangarajah*
>> Senior Software Engineer,
>> Platform Technologies Team,
>> WSO2, Inc.
>> lean.enterprise.middleware
>>
>> Mobile - +94773426635
>> Blog - *http://kishanthan.wordpress.com*
>> Twitter - *http://twitter.com/kishanthan*
>>
>
>
>
> --
> *
> *
> *Sanjeewa Malalgoda*
> Senior Software Engineer
> WSO2 Inc.
> Mobile : +94713068779
>
> <http://sanjeewamalalgoda.blogspot.com/>blog
> :http://sanjeewamalalgoda.blogspot.com/<http://sanjeewamalalgoda.blogspot.com/>
>
>
>
> _______________________________________________
> Dev mailing list
> [email protected]
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
--
Nuwan Dias
Senior Software Engineer - WSO2, Inc. http://wso2.com
email : [email protected]
Phone : +94 777 775 729
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
