On Fri, Aug 11, 2023 at 4:21 AM Molina de la Iglesia, Manuel <[email protected]> wrote:
> Hi, I'm in a similar situation. > > I have an external application that the backend communicates with > Guacamole in order to get the list of reachable remote machines and > redirect the user to the URL of the selected one (yes, with the token on > the URL :-( , the problem is the same one, the address that log shows is > the application address instead of the user address because although the > user browser opens the remote session, the auth is done by my application > backend, I tried to add the X_Forwarder_For header on the request but it > doesn't work. > > I'm not a tomcat expert, but I think that should be any setting to force > the use of X_Forwarded_for provided address, any idea? > Did you also configure the Remote IP valve, as documented in this section of the manual: https://guacamole.apache.org/doc/gug/reverse-proxy.html#setting-up-the-remote-ip-valve If you're running in Docker in recent versions (1.5.0 or later), this should be something you can set up by adding the REMOTE_IP_VALVE_ENABLED=true variable to your Docker container startup for guacamole/guacamole. This is required as an addition to changes for your particular reverse proxy. -Nick >
