ProxyPass, ProxyReverse vs AJP

后端 未结 3 1609
[愿得一人]
[愿得一人] 2021-02-02 15:35

I currently have a Tomcat + Apache HTTP server setting to serve my Java servlet:

ProxyPass /myservice http://localhost:8080/myservice
ProxyPassRerverse /myservic         


        
相关标签:
3条回答
  • 2021-02-02 15:58

    You can read the X-Forwarded-For in the request header.

    From the Apache mod_proxy documentation:

    When acting in a reverse-proxy mode (using the ProxyPass directive, for example), mod_proxy_http adds several request headers in order to pass information to the origin server. These headers are:

    • X-Forwarded-For: The IP address of the client.
    • X-Forwarded-Host: The original host requested by the client in the Host HTTP request header.
    • X-Forwarded-Server: The hostname of the proxy server.

    Be careful when using these headers on the origin server, since they will contain more than one (comma-separated) value if the original request already contained one of these headers. For example, you can use %{X-Forwarded-For}i in the log format string of the origin server to log the original clients IP address, but you may get more than one address if the request passes through several proxies.

    In your servlet, you would have:

    doGet(HttpServletRequest request, HttpServletResponse response){
      request.getHeader("X-Forwarded-For")
    }
    
    0 讨论(0)
  • 2021-02-02 16:12

    this is very simple:

    <VirtualHost> 
    
     ServerName www.server.com
    
     redirect / http://www.server.com/foo
    
     ProxyRequests off
     ProxyPass / ajp://localhost:8009/
    
    </VirtualHost>
    
    0 讨论(0)
  • 2021-02-02 16:13

    Do it like this:

    in the apache config:

    <Location /foo>
      ProxyPass ajp://localhost:8009/foo
      ProxyPassReverse ajp://localhost:8009/foo
    </Location>
    

    And then in your server.xml:

    <Connector port="8009" 
               enableLookups="false" secure="true" URIEncoding="UTF-8"
               tomcatAuthentication="false"
               protocol="AJP/1.3" />
    

    That should pass everything through. The AJP protocol passes the info, but http: doesn't.

    You may not want secure="true", I use that because SSL is handled at the apache layer and I need tomcat to know that the connection should be considered a secure one.

    0 讨论(0)
提交回复
热议问题