dhis2-devs team mailing list archive

[Jason Pickering <jason.p.pickering@xxxxxxxxx>]

Hi Saptarshi,
In my case, Nginx is the  forward facing reverse proxy. For security
reasons, I do not want to Tomcat to use the public IP directly (which is
static), so that is not an option for me.

All requests in the access logs are from 127.0.0.1 (the reverse proxy). Of
course I can see the client activity in the Nginx log with the "real IP",
but it would be useful in some cases to have this directly in the Tomcat
logs. Not a big deal really, but would be nice to have.

Regards,
Jason



On Sat, Jul 20, 2013 at 7:33 AM, Saptarshi Purkayastha <sunbiz@xxxxxxxxx>wrote:

> Hi Jason,
>
> On 19 July 2013 22:26, Jason Pickering <jason.p.pickering@xxxxxxxxx>wrote:
>
>>
>> On a related note Bob,  do you know how to get the "real IP" of the
>> server into the Tomcat logs? The header directive is necessary, but does
>> not show up in my Tomcat logs with the user's IP. I somehow think it is not
>> possible but maybe I am missing something.
>>
>
> I am assuming you are getting the client IP shown correctly in the access
> logs in tomcat.
> The server IP is showing 127.0.0.1 because that what its connector has
> been bound to. Change the connector's address to the public address and it
> will show you that in the logs.
>
> <Connector
>     port="8080"
>     protocol="HTTP/1.1"
>     address="<public-IP here>"
>     connectionTimeout="20000"
>     redirectPort="8443"
>   />
>
>
> If its dynamic address, it will be problematic though...
>
> ---
> Regards,
> Saptarshi PURKAYASTHA
>
> My Tech Blog:  http://sunnytalkstech.blogspot.com
> You Live by CHOICE, Not by CHANCE
>
>