tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject svn commit: r1067732 - in /tomcat/trunk: java/org/apache/catalina/filters/RemoteIpFilter.java java/org/apache/catalina/valves/AccessLogValve.java java/org/apache/catalina/valves/RemoteIpValve.java webapps/docs/changelog.xml webapps/docs/config/valve.xml
Date Sun, 06 Feb 2011 19:08:13 GMT
Author: markt
Date: Sun Feb  6 19:08:13 2011
New Revision: 1067732

URL: http://svn.apache.org/viewvc?rev=1067732&view=rev
Log:
Tweak defaults. Document.

Modified:
    tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java
    tomcat/trunk/java/org/apache/catalina/valves/AccessLogValve.java
    tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
    tomcat/trunk/webapps/docs/changelog.xml
    tomcat/trunk/webapps/docs/config/valve.xml

Modified: tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java?rev=1067732&r1=1067731&r2=1067732&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java (original)
+++ tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java Sun Feb  6 19:08:13
2011
@@ -41,6 +41,7 @@ import javax.servlet.http.HttpServletReq
 import javax.servlet.http.HttpServletRequestWrapper;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.catalina.AccessLog;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 
@@ -698,6 +699,11 @@ public class RemoteIpFilter implements F
     private String remoteIpHeader = "X-Forwarded-For";
     
     /**
+     * @see #setRequestAttributesEnabled(boolean)
+     */
+    private boolean requestAttributesEnabled = true;
+
+    /**
      * @see #setTrustedProxies(String)
      */
     private Pattern trustedProxies = null;
@@ -792,6 +798,16 @@ public class RemoteIpFilter implements F
                         + xRequest.getScheme() + "', newSecure='" + xRequest.isSecure() +
"', new[" + remoteIpHeader + "]='"
                         + xRequest.getHeader(remoteIpHeader) + "', new[" + proxiesHeader
+ "]='" + xRequest.getHeader(proxiesHeader) + "'");
             }
+            if (requestAttributesEnabled) {
+                request.setAttribute(AccessLog.REMOTE_ADDR_ATTRIBUTE,
+                        request.getRemoteAddr());
+                request.setAttribute(AccessLog.REMOTE_HOST_ATTRIBUTE,
+                        request.getRemoteHost());
+                request.setAttribute(AccessLog.PROTOCOL_ATTRIBUTE,
+                        request.getProtocol());
+                request.setAttribute(AccessLog.SERVER_PORT_ATTRIBUTE,
+                        Integer.valueOf(request.getServerPort()));
+            }
             chain.doFilter(xRequest, response);
         } else {
             if (log.isDebugEnabled()) {
@@ -839,6 +855,15 @@ public class RemoteIpFilter implements F
         return remoteIpHeader;
     }
     
+    /**
+     * @see #setRequestAttributesEnabled(boolean)
+     * @return <code>true</code> if the attributes will be logged, otherwise
+     *         <code>false</code>
+     */
+    public boolean getRequestAttributesEnabled() {
+        return requestAttributesEnabled;
+    }
+
     public Pattern getTrustedProxies() {
         return trustedProxies;
     }
@@ -988,6 +1013,28 @@ public class RemoteIpFilter implements F
     }
     
     /**
+     * Should this filter set request attributes for IP address, Hostname,
+     * protocol and port used for the request? This are typically used in
+     * conjunction with an {@link AccessLog} which will otherwise log the
+     * original values. Default is <code>true</code>.
+     * 
+     * The attributes set are:
+     * <ul>
+     * <li>org.apache.catalina.RemoteAddr</li>
+     * <li>org.apache.catalina.RemoteHost</li>
+     * <li>org.apache.catalina.Protocol</li>
+     * <li>org.apache.catalina.ServerPost</li>
+     * </ul>
+     * 
+     * @param requestAttributesEnabled  <code>true</code> causes the attributes
+     *                                  to be set, <code>false</code> disables
+     *                                  the setting of the attributes. 
+     */
+    public void setRequestAttributesEnabled(boolean requestAttributesEnabled) {
+        this.requestAttributesEnabled = requestAttributesEnabled;
+    }
+
+    /**
      * <p>
      * Regular expression defining proxies that are trusted when they appear in
      * the {@link #remoteIpHeader} header.

Modified: tomcat/trunk/java/org/apache/catalina/valves/AccessLogValve.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/valves/AccessLogValve.java?rev=1067732&r1=1067731&r2=1067732&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/valves/AccessLogValve.java (original)
+++ tomcat/trunk/java/org/apache/catalina/valves/AccessLogValve.java Sun Feb  6 19:08:13 2011
@@ -296,7 +296,7 @@ public class AccessLogValve extends Valv
     /**
      * @see #setRequestAttributesEnabled(boolean)
      */
-    protected boolean requestAttributesEnabled = true;
+    protected boolean requestAttributesEnabled = false;
 
     // ------------------------------------------------------------- Properties
 

Modified: tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java?rev=1067732&r1=1067731&r2=1067732&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java (original)
+++ tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java Sun Feb  6 19:08:13 2011
@@ -752,7 +752,7 @@ public class RemoteIpValve extends Valve
     /**
      * Should this valve set request attributes for IP address, Hostname,
      * protocol and port used for the request? This are typically used in
-     * conjunction with the {@link AccessLogValve} which will otherwise log the
+     * conjunction with the {@link AccessLog} which will otherwise log the
      * original values. Default is <code>true</code>.
      * 
      * The attributes set are:

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1067732&r1=1067731&r2=1067732&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Sun Feb  6 19:08:13 2011
@@ -55,6 +55,11 @@
         When running under a security manager, user requests may fail with a
         security exception. (markt)
       </fix>
+      <add>
+        Enhance the RemoteIpFilter and RemoteIpValve so that the modified remote
+        address, remote host, protocol and server port may be used in an access
+        log if desired. (markt)
+      </add>
     </changelog>
   </subsection>
   <subsection name="Coyote">

Modified: tomcat/trunk/webapps/docs/config/valve.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/valve.xml?rev=1067732&r1=1067731&r2=1067732&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/valve.xml (original)
+++ tomcat/trunk/webapps/docs/config/valve.xml Sun Feb  6 19:08:13 2011
@@ -119,6 +119,16 @@
         use a zero-length string.</p>
       </attribute>
 
+      <attribute name="requestAttributesEnabled" required="false">
+        <p>Set to <code>true</code> to check for the existance of request
+        attributes (typically set by the RemoteIpValve and similar) that should
+        be used to override the values returned by the request for remote
+        address, remote host, server port and protocol. If the attributes are
+        not set, or this attribute is set to <code>false</code> then the values

+        from the request will be used. If not set, the default value of
+        <code>false</code> will be used.</p>
+      </attribute>
+
       <attribute name="resolveHosts" required="false">
         <p>Set to <code>true</code> to convert the IP address of the remote
         host into the corresponding host name via a DNS lookup.  Set to
@@ -820,6 +830,15 @@
         <code>x-forwarded-by</code> is used.</p>
       </attribute>
 
+      <attribute name="requestAttributesEnabled" required="false">
+        <p>Set to <code>true</code> to set the request attributes used
by
+        AccessLog implementations to override the values returned by the
+        request for remote address, remote host, server port and protocol. If
+        the attributes are not set, or this attribute is set to
+        <code>false</code> then the values from the request will be used. If
not
+        set, the default value of <code>true</code> will be used.</p>
+      </attribute>
+
       <attribute name="trustedProxies" required="false">
         <p>Regular expression (using <code>java.util.regex</code>) that
a
         proxy&apos;s IP address must match to be considered an trusted proxy.



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message