httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Surendhar Thallapelly <surendhar.t1...@gmail.com>
Subject [users@httpd] Re: X-Forwarded-For header is missing
Date Mon, 13 Nov 2017 06:17:15 GMT
Hi,

As we discussed below, for only webservice calls X-Forwarded-For header is
not added from apache, remaining other technologies it is adding fine. One
more thing is, X-Forwarded-Host is working always - even for webservice
call as well. I reported bug on this
https://bz.apache.org/bugzilla/show_bug.cgi?id=61750 now.

Thanks,
Surendhar


On Wed, Nov 8, 2017 at 5:42 PM, Surendhar Thallapelly <
surendhar.t1241@gmail.com> wrote:

> Hi Konstantin,
>
> It is not processed and deleted by backend. I enabled x-forwarded-for
> logging, it confirms our Apache webserver is not adding xff header. However
> xfh header added always.
>
> RemoteIpValve is not configured at Apache tomcat.
>
> We already placed ProxyAddHeaders after load modules only, I also attached
> httpd conf  file for your review and captured wireshark packet capture at
> webserver, it confirms above.
>
> Can you please help me and share working httpd.conf file where http web
> server redirecting incoming WEBSERVICE call to another backend application
> with xff headers enabled.
>
> Thanks a lot.
>
> Thanks,
> Surendhar
>
> On Wednesday, November 8, 2017, Konstantin Kolinko <knst.kolinko@gmail.com>
> wrote:
>
>> 2017-11-07 21:44 GMT+03:00 Surendhar Thallapelly <
>> surendhar.t1241@gmail.com>:
>> > Hi Konstantin,
>> >
>> >> Hi Team,
>> >>
>> >> I configured apache http web server to redirect incoming WEBSERVICE
>> call
>> >> to
>> >> another backend application server, X-Forwarded-For is
>> missing(webserver
>> >> ip)
>> >> in backend call.
>> >>
>> >> I have configured below in my webserver httpd.conf file.
>> >>
>> >> ProxyPass /TestProject http://10.160.160.33:2914/TestProject
>> >> ProxyPassReverse /TestProject http://10.160.160.33:2914/TestProject
>> >>
>> >
>> > 1. Version of Apache HTTP server = ? 2.2 & 2.4 both of versions it
>> didn't
>> > work
>> > 2. What is your configuration of ProxyAddHeaders directive?
>> >
>> > http://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxyaddheaders
>> >
>> > ProxyAddHeaders On
>> >
>> > I also enabled
>> > LoadModule proxy_module modules/mod_proxy.so
>> > LoadModule proxy_http_module modules/mod_proxy_http.so
>> >
>> > X-Forwarded-Host is working showing in my backend call, only
>> X-Forwarded-For
>> > is missing.  I am also attaching my complete http.conf(2.4 version)
>> file for
>> > your review, please review and help me.
>>
>>
>> Maybe the "X-Forwarded-For" is sent by Apache HTTPD, but is processed
>> and removed by your backend?
>>
>> E.g. in Apache Tomcat if a RemoteIpValve is configured,
>> it will process and hide this header from underlying web applications,
>> while its original value is still visible in Access Log and can be
>> logged with %{xxx}i
>>
>> http://tomcat.apache.org/tomcat-8.5-doc/config/valve.html#Remote_IP_Valve
>>
>>
>> (BTW,
>> it is odd how you place your "ProxyAddHeaders On" directive at the top
>> of the file.
>>
>> My expectation is that the directive should be moved below relevant
>> "LoadModule" line,
>> or the configuration fails to load.
>> )
>>
>> Best regards,
>> Konstantin Kolinko
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>

Mime
View raw message