(james-project) 01/03: [ENHANCEMENT] JMAP MDC: make the original IP header configurable

Thu, 03 Apr 2025 20:09:48 -0700 

This is an automated email from the ASF dual-hosted git repository.

rcordier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git

commit c160b85854cebde58bc52a89f48ee1510cfc6150
Author: Quan Tran <hqt...@linagora.com>
AuthorDate: Tue Apr 1 09:24:29 2025 +0700

    [ENHANCEMENT] JMAP MDC: make the original IP header configurable
---
 docs/modules/servers/partials/configure/jvm.adoc              | 11 +++++++++++
 .../scala/org/apache/james/jmap/routes/JMAPApiRoutes.scala    |  4 +++-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/docs/modules/servers/partials/configure/jvm.adoc 
b/docs/modules/servers/partials/configure/jvm.adoc
index 0147537a8a..2f645bfd80 100644
--- a/docs/modules/servers/partials/configure/jvm.adoc
+++ b/docs/modules/servers/partials/configure/jvm.adoc
@@ -124,6 +124,17 @@ Ex in `jvm.properties`:
 james.jmap.email.set.range.threshold=3
 ----
 
+== JMAP MDC: configure value for original IP header
+
+Configure the header to get the original JMAP client's IP address. This is 
useful when James is behind a reverse proxy.
+
+Defaults to the `x-forwarded-for` header.
+
+Ex in `jvm.properties`:
+----
+james.jmap.mdc.original.ip.header=x-real-ip
+----
+
 == Enable S3 metrics
 
 James supports extracting some S3 client-level metrics e.g. number of 
connections being used, time to acquire an S3 connection, total time to finish 
a S3 request...
diff --git 
a/server/protocols/jmap-rfc-8621/src/main/scala/org/apache/james/jmap/routes/JMAPApiRoutes.scala
 
b/server/protocols/jmap-rfc-8621/src/main/scala/org/apache/james/jmap/routes/JMAPApiRoutes.scala
index caa41cc905..328a0b5f60 100644
--- 
a/server/protocols/jmap-rfc-8621/src/main/scala/org/apache/james/jmap/routes/JMAPApiRoutes.scala
+++ 
b/server/protocols/jmap-rfc-8621/src/main/scala/org/apache/james/jmap/routes/JMAPApiRoutes.scala
@@ -35,6 +35,7 @@ import org.apache.james.jmap.exceptions.UnauthorizedException
 import org.apache.james.jmap.http.rfc8621.InjectionKeys
 import org.apache.james.jmap.http.{Authenticator, UserProvisioning}
 import org.apache.james.jmap.json.ResponseSerializer
+import org.apache.james.jmap.routes.JMAPApiRoutes.ORIGINAL_IP_HEADER
 import org.apache.james.jmap.{Endpoint, JMAPRoute, JMAPRoutes}
 import org.apache.james.mailbox.MailboxSession
 import org.apache.james.util.{MDCBuilder, ReactorUtils}
@@ -48,6 +49,7 @@ import scala.util.Try
 
 object JMAPApiRoutes {
   val LOGGER: Logger = LoggerFactory.getLogger(classOf[JMAPApiRoutes])
+  val ORIGINAL_IP_HEADER: String = 
System.getProperty("james.jmap.mdc.original.ip.header", "x-forwarded-for")
 }
 
 case class StreamConstraintsExceptionWithInput(cause: 
StreamConstraintsException, input: Array[Byte]) extends RuntimeException(cause)
@@ -78,7 +80,7 @@ class JMAPApiRoutes @Inject() (@Named(InjectionKeys.RFC_8621) 
val authenticator:
       .`then`()
       .contextWrite(ReactorUtils.context("MDCBuilder.IP", MDCBuilder.create()
         .addToContext(MDCBuilder.IP, 
Option(httpServerRequest.hostAddress()).map(_.toString()).getOrElse(""))
-        .addToContext("x-forwarded-for", 
Option(httpServerRequest.requestHeaders().get("X-Forwarded-For")).getOrElse(""))
+        .addToContext(ORIGINAL_IP_HEADER, 
Option(httpServerRequest.requestHeaders().get(ORIGINAL_IP_HEADER)).getOrElse(""))
         .addToContext("User-Agent", 
Option(httpServerRequest.requestHeaders().get("User-Agent")).getOrElse(""))))
 
   private def requestAsJsonStream(httpServerRequest: HttpServerRequest): 
SMono[RequestObject] =


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org
For additional commands, e-mail: notifications-h...@james.apache.org

Reply via email to