tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eugène Adell <>
Subject RE:Tomcat and IP transparency
Date Thu, 01 Aug 2013 08:56:31 GMT

Hi Joan

I think your problem is not easy to solve. If it is possible to know which requests could
be for this blackbox (from client IP or destination IP) then you should serve all these requests
without using your cache at all.

How to achieve this ? Maybe by using an IP-based Virtual Host on your server and forwarding
all requests coming to this IP to the blackbox, at the OS level (iptables). The other listening
IP (that you've been using till now) will still accept the other requests. Maybe, you have
to add a round-trip in your servlet for redirecting all requests for the blackbox with a "302
Redirect" to the other IP, if your clients handle such redirects.

Probably to do all this, but not in 5 minutes


De : Joan Balagueró Ventus Proxy []
Envoyé : mercredi 31 juillet 2013 21:04
À :
Objet : Tomcat and IP transparency


I already asked this question to the Apache HttpClient Forum. They don't
know if this is possible with java/Tomcat.

I have developed a proxy servlet with an xml cache, running in a Tomcat
6.0.37 on Linux Centos6.4.

When the incoming xml request (sent from an external client) is not found in
the proxy cache, I use HttpClient 4.2.5 to create a new http request and
redirect it to the provider application servers to get the xml response.

So far, everything worked ok with all our clients. But now we've a provider
that needs ip transparency. Then, the request created by httpclient needs to
carry the origin ip address (that from the external client), not the proxy
ip. My proxy gets correctly the external IP (using request.getRemoteAddr()),
but when the provider application reads the IP provided by the http client
using request.getRemoteAddr(), they obviously get the proxy IP.

The provider software is a blackbox, then reading ips with
'request.getRemoteAddr()' is something that they cannot change now.
Therefore, things like adding a 'X-Forwarded-for' header cannot be
implemented in this scenario.

Is it possible tot achieve this at  Tomcat level? Has anyone found an
scenario like this?

Thanks in advance,


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message