apache反向代理tomcat时x-forwarded-for为null的问题

apache 在用ProxyPass时会自动在header中设置X-Forwarded-For X-Forwarded-Host和X-Forwarded-Server (http://httpd.apache.org/docs/2.2/mod/mod_proxy.html)

apache反向代理tomcat时x-forwarded-for为null的问题_第1张图片

如果tomcat后端不做设置, 在jsp中用out.println("x-forwarded-for:" + request.getHeader("x-forwarded-for") + "
");能获取到客户ip,

由于在用nginx做前置代理时为了https也能访问,要让out.println("x-forwarded-proto:" + request.getHeader("x-forwarded-proto") + "
");能获取到真实的值需要在tomcat的server.xml

中设置value:

        className="org.apache.catalina.valves.RemoteIpValve"
        remoteIpHeader="x-forwarded-for"
        protocolHeader="x-forwarded-proto"
      />

这样设置后的tomcat,用于Apache做前置代理时request.getHeader("x-forwarded-for")获取到null。在https://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/valves/RemoteIpValve.html

中有:

apache反向代理tomcat时x-forwarded-for为null的问题_第2张图片

所有在tomcat的server.xml中设置了上述参数后会造成request.getHeader("x-forwarded-for")获取的值为null,但用request.getRemoteAddr()就能获取真实客户ip了。

另外要用request.getHeader("x-forwarded-proto")获取值需要在apache设置中加入RequestHeader set X-Forwarded-Proto "https"(在https的设置中,在http设置中用http)


你可能感兴趣的:(linux,java)