Hi
>Does Tomcat support the headers: X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server when running behind a proxy? >I'm running Tomcat 5.0.25 behind Apache 1.3/mod_proxy and doesn't look like Tomcat uses these headers.
What would you expect tomcat to do when these headers are present?
Regards, Steffen
X-Forwarded-For contains the IP address of the client, so Tomcat can return that in ServletRequest.getRemoteAddr() in stead of the IP of the proxy server. I understand this is a security risk if you didn't close your firewall. It is possible to add an option trustProxy="true|false" to the config. X-Forwarded-Host and X-Forwarded-Server contain the server name from the request. This can override the setting proxyName. I still have to find out the difference between X-Forwarded-Host and X-Forwarded-Server as Apache fills them with the same value in my case.
Ronald.
