On 02/05/2026 16:27, Christopher Schultz wrote:
All,

I've got an odd situation where some requests arriving in my application are claiming to come from 127.0.0.1 as the remote IP address.

I'm calling HttpServletRequest.getRemoteAddr and storing it in the user's session. I'm an admin, so I can see this attribute in users' sessions and very rarely I'm seeing that it's set to 127.0.0.1.

My setup is:

AWS ALB -> httpd [mod_jk] -> [stunnel] -> Tomcat [AjpNioProtocol]

This does not require high load. All httpd and Tomcat instances are configured identically. And this happens very rarely, but enough that I have noticed it and I'd like to understand what might be happening.

An interview with ChatGPT yielded this comment:

"
AJP is not resilient to partial/ambiguous reads across a tunneled TCP stream. If anything about framing or connection reuse gets even slightly out of sync, Tomcat will still process the request—but silently fall back to 127.0.0.1.
"

Yeah, that looks like nonsense.

I assume that it isn't at all possible that the request has been made by 127.0.0.1 (the machine where httpd is running)?

Honestly, I think that ChatGPT has grabbed on to the idea that "httpd and Tomcat are fine, so it must be stunnel" which seems odd to me, but I'm wondering about its comment.

My expectation is that if "something is wrong" then mod_jk will kill the request. Or maybe Tomcat will. Or both.

I see no correlation with errors in my mod_jk.log file (which has very few if any errors).

Any suggestions for what might be happening? I can't reproduce this myself but I control everything in the stack except for the AWS ALB (which I can configure, but obviously, I can't directly-instrument in the way that I could, say, httpd, Tomcat, or my own application).

The remote address is held in a MessageBytes object which is reset to NULL on a new request so it looks like something is setting it explicitly to "127.0.0.1".

That makes me think it is something in httpd/mod_jk rather than Tomcat.

I think I'd start by looking at the access logs for the requests in question in httpd and see which IP is logged there.

Mark
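
The access-log check suggested above, as an added example that is not part of the original message: it pulls out the httpd access-log entries whose client or TCP peer address is loopback, so they can be matched by time and URL against the affected sessions. The LogFormat in the comment, the function names and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumed httpd LogFormat (an assumption, not taken from the thread):
#   LogFormat "%a %{c}a %t \"%r\" %>s \"%{X-Forwarded-For}i\"" diag
# %a is the client address httpd reports; %{c}a is the TCP peer of the connection.
LINE_RE = re.compile(
    r'^(?P<client>\S+) (?P<peer>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) "(?P<xff>[^"]*)"$'
)

# Constructed sample lines (documentation address ranges, not real traffic).
SAMPLE = [
    '203.0.113.7 10.0.1.15 [01/Jan/2026:10:00:01 +0000] "GET /app/home HTTP/1.1" 200 "203.0.113.7"',
    '127.0.0.1 127.0.0.1 [01/Jan/2026:10:00:05 +0000] "GET /app/status HTTP/1.1" 200 "-"',
    '127.0.0.1 10.0.1.15 [01/Jan/2026:10:00:09 +0000] "GET /app/login HTTP/1.1" 200 "198.51.100.4"',
    'not an access log line',
]


def is_loopback(addr):
    """True for 127.0.0.0/8, ::1 and IPv4-mapped loopback (::ffff:127.x.x.x)."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    mapped = getattr(ip, "ipv4_mapped", None)  # only IPv6 addresses have this
    return (ip if mapped is None else mapped).is_loopback


def loopback_requests(lines):
    """Return parsed records where the client or the TCP peer is loopback."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m is None:
            continue  # not in the assumed format
        rec = m.groupdict()
        rec["loopback_fields"] = [f for f in ("client", "peer") if is_loopback(rec[f])]
        if rec["loopback_fields"]:
            hits.append(rec)
    return hits


if __name__ == "__main__":
    for rec in loopback_requests(SAMPLE):
        print(rec["time"], rec["request"], rec["loopback_fields"], "XFF:", rec["xff"])
```

Whether loopback shows up in both fields or only in the reported client address indicates which layer to look at next.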

