Hi
Inside Tomcat's conf/server.xml, copy and paste the following inside "Host"
tag(generally at the end of the file)
<Valve className="org.apache.catalina.valves.RemoteIpValve"
internalProxies="127.0.0.1"
remoteIpHeader="x-forwarded-for"
remoteIpProxiesHeader="x-forwarded-by"
protocolHeader="x-forwarded-proto" />
More details are available at following URL
https://guacamole.apache.org/doc/gug/proxying-guacamole.html#tomcat-remote-i
p
From: Niubbo75 [mailto:[email protected]]
Sent: 14 April 2020 07:07 PM
To: [email protected]
Subject: NGINX + TOMCAT 9 + Guacamole
Hello, I have configured Guacamole 1.1.0 on CentOS 7 with Tomcat 9.0.33, I
have use NGINX to let users to login on guacamole via https://mydomain.name
instead of http://my.guacamole.server:8080/guacamole all work good except
that in Guacamole all users seems to login from 127.0.0.1. I have use this
nginx.conf: (guacamole side) # GUACAMOLE SERVER SETTINGS server { listen 443
ssl; #listen [::]:443 ssl; server_name mydomain.name; proxy_buffering off;
#proxy_redirect off; proxy_http_version 1.1; proxy_set_header
X-Forwarded_For $proxy_add_x_forwarded_for; proxy_set_header Upgrade
$http_upgrade; proxy_set_header Connection $http_upgrade; proxy_cookie_path
/guacamole/ /; location ~ /.well-known/acme-challenge { root /var/www/html/;
} location / { proxy_pass http://127.0.0.1:8080/guacamole/; proxy_buffering
off; proxy_http_version 1.1; proxy_set_header X-Forwarded_For
$proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection; proxy_cookie_path /guacamole/
/; access_log off; } } I have read that i need to set up a "valve" also in
Tomcat, but I don't know where and how, can someone please help me solve
this issue? Thanks, Alessandro
_____
Sent from the Apache Guacamole - General/User Mailing List mailing list
archive
<http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/>
at Nabble.com.
--
**Disclaimer:* This message and any attachment may contain confidential,
proprietary information and is intended only for the individual named. If
you are not the original intended recipient and have erroneously received
this message, you should not disseminate, distribute or copy this e-mail.
Please notify the sender immediately by e-mail if you have received this
e-mail by mistake and delete this e-mail from your system. Hitachi MGRM Net
E-mail transmission cannot be guaranteed to be secure or error-free as
information could be intercepted, corrupted, lost, destroyed, arrive late
or incomplete, or contain viruses. Hitachi MGRM Net therefore does not
accept liability for any errors or omissions in the contents of this
message, which arise as a result of e-mail transmission. If verification is
required, please request a hard-copy version. Hitachi MGRM Net Ltd, C -
6/5, Safdarjung Development Area, New Delhi - 110016, India*
*
*
*'Please
consider the environment before printing this e-mail'.*
