[Bug 56058] AccessLogValve Local IP/port inconsistent
https://bz.apache.org/bugzilla/show_bug.cgi?id=56058 Mark Thomas ma...@apache.org changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #3 from Mark Thomas ma...@apache.org --- I've added some links to the AccessLogValve docs for trunk, 8.0.x (8.0.21 onwards), 7.0.x (7.0.60 onwards) and 6.0.x (6.0.44 onwards). It loks like what you want to do is possible via configuration. If you need further pointers, please use the users mailing list. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 56058] AccessLogValve Local IP/port inconsistent
https://issues.apache.org/bugzilla/show_bug.cgi?id=56058 --- Comment #2 from Rainer Jung rainer.j...@kippdata.de --- Some related info is contained in http://tomcat.apache.org/connectors-doc/generic_howto/proxy.html It also contains the names of the Apache variables one can set if one wants to override the data automatically forwarded via AJP by mod_jk (not mod_proxy_ajp). -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 56058] AccessLogValve Local IP/port inconsistent
https://issues.apache.org/bugzilla/show_bug.cgi?id=56058
--- Comment #1 from Mark Thomas ma...@apache.org ---
I've been looking at the source and doing some testing.
For the AJP protocol:
- %a and %h always refer to the client as seen by the reverse proxy
- %v is the host header received by the reverse proxy or the reverse proxy's
host name for HTTP/1.0 or HTTP/0.9 requests
- %A is always InetAddress.getLocalHost().getHostAddress() (or 127.0.0.1 if
that fails)
- %p is the port that the reverse proxy received the connection on
The IP address that the reverse proxy received the connection on is not
available in the AJP protocol. You could make this available by setting a
custom HTTP header in the reverse proxy and then displaying the value of that
header in the AccessLogValve.
Because of the way AJP is implemented, it is probably easiest to expose the
connector port the same way (since the reverse proxy must know what port it is
sending the request to).
It is highly unlikely that there is going to be any functional changes to
Tomcat 6 this area.
You do get much more control if you:
- upgrade to Tomcat 7.0.x or Tomcat 8.0.x
- switch to using HTTP rather than AJP for your reverse proxy
- use the RemoteIpValve or RemoteIpFilter
- configure the RemoteIpValve or RemoteIpFilter with
requestAttributesEnabled=true
- configure the AccessLogValve with requestAttributesEnabled=false
With this configuration the standard access log valve elements will record the
values as seen by Tomcat. The values as seen by the proxy will be available as
request attributes that can be included in the access log via the %{xxx}r
pattern.
I'm not going to resolve this just yet as I think the documentation (for all
Tomcat versions) could be improved to make clear exactly what gets logged
and/or when what gets logged varies.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
