• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

request.getRemoteAddr() 127.0.0.1 ?

 
Ranch Hand
Posts: 247
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This should be simple but.....

Try to get a hold of the users IP address.
But request.getRemoteAddr() is returning 127.0.0.1.


And its not a local connect. It's from my game www.mobwarrior.com

Any ideas?


 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
That usually means that there is a server in front of it (probably Apache); from Tomcat's perspective that's where the request is coming from. In those cases the original IP address is often passed along in a request header, called "x-forwarded-for" or something like that.
 
Kris Reid
Ranch Hand
Posts: 247
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Tomcat is the webserver as well. There is no apache running on the domain.

Here something tricker
I just mad a JSP page to do some testing and request.getRemoteAddr() returned a remote IP.

How could this be?

I might add that in the application where I'm trying to get the IP it is a Struts2 action calls.
I implemented ServletRequestAware to get the request object.

The other thing I'm thinking is that I use filters but surly they maintain the remote IP??

 
Kris Reid
Ranch Hand
Posts: 247
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
OK I'm a gumby

You were right it is the "X-Forwarded-For"
request.getHeader("X-Forwarded-For")

Cheers
 
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello,

Getting the IP address of the client can be tricky because each traversed proxy and load balancer adds an IP address to the multi valued, comma delimited, value of the X-Forwarded-For header (see Wikipedia X-Forwarded-For page). Moreover, web client can tweak the X-Forwarded-For with tools like Firefox Modify Headers or X-Forwarded-For Spoofer add-ons.

The forthcoming version of Apache Httpd will offer a secure mechanism to handle X-Forwarded-For with mod_remoteip.

Here are a Tomcat valve RemoteIpValve and a servlet filter XForwardedFilter to repectively integrate the X-Forwarded-For and X-Forwarded-Proto (http or https) headers at the Tomcat and WAR levels.

Thanks to these valve and filter, the actual client ip and the incoming protocol (http/https) will be available in Tomcat logs (if you use the valve) and in the servlet API (request.getRemoteAddr(), request.getRemoteHost(), request.isSecure(), request.getScheme() and request.getServerPort()).
The Tomcat RemoteIpValve has been proposed to the Tomcat Project as Bug 47330 - proposal : port of mod_remoteip in Tomcat as RemoteIpValve.

Hope thise helps,

Cyrille
 
Kris Reid
Ranch Hand
Posts: 247
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
thanks for the info Cyrille.
 
Cyrille Le Clerc
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello,

The RemoteIpValve and the XForwardedFilter have been integrated in the Tomcat Project. The RemoteIpValve will be available in the forthcoming Tomcat 6.0.21 version when the XForwardedFilter has been renamed RemoteIpFilter and will be integrated in Tomcat 7.
The Google Code version of XForwardedFilter will still be interesting for people who want to integrate this features in other servlet containers (Glassfish, JBoss, Weblogic, WebSphere, etc) without importing Tomcat jars.

Cyrille.
 
Greenhorn
Posts: 28
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks for the update Cyrille

 
Cyrille Le Clerc
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello,

The RemoteIpValve is now available in Tomcat 6.0.24. I didn't yet have the time to merge in Tomcat's documentation all the docs we wrote. If you are interested in more details about the handling of X-Forwarded-For, internal proxies, trusted proxies, X-Forwarded-Proto or scenarios to handle SSL with tomcat preceded by Apache Httpd and/or load balancers, please have a look at :
  • Google Code: RemoteIpValve
  • Tomcat : Adresse IP de l’internaute, load balancer, reverse proxy et header Http X-Forwarded-For (French but google translate friendly)
  • Tomcat, SSL, communications sécurisées et X-Forwarded-Proto (French but google translate friendly with many drawings)


  • thanks again for your interest in the RemoteIpValve,

    Cyrille
     
    Krem Reid
    Greenhorn
    Posts: 28
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Excellent Cyrille.
    Really appreciate the update

     
    Greenhorn
    Posts: 2
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Cyrille -

    Like the RemoteIpValve but have one question.

    I am using the RemoteIpValve to correctly set request.isSecure and request.scheme but I am using the "ProxyPreserveHost" Apache httpd directive so that request.serverHost and request.serverPort are correctly set in Tomcat. Is there anyway to prevent RemoteIpValve from populating the request.serverPort when it detects the presence of the $protocolHeader http header?
     
    Cyrille Le Clerc
    Greenhorn
    Posts: 6
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Hello Andrew,

    You are right, RemoteIpValve (and RemoteIpFilter) currently override the serverPort when you specify a protocol header (e.g. x-forwarded-proto). Would you like to add a boolean configuration option override-http-server-port-with-protocol-information to disable this behavior for your use case ?

    Thanks for your interest in RemoteIpValve,

    Cyrille

    Andrew Swanson wrote:
    I am using the RemoteIpValve to correctly set request.isSecure and request.scheme but I am using the "ProxyPreserveHost" Apache httpd directive so that request.serverHost and request.serverPort are correctly set in Tomcat. Is there anyway to prevent RemoteIpValve from populating the request.serverPort when it detects the presence of the $protocolHeader http header?

     
    Andrew Swanson
    Greenhorn
    Posts: 2
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Yes, something like that would be most helpful.

    Cyrille Le Clerc wrote:Hello Andrew,

    You are right, RemoteIpValve (and RemoteIpFilter) currently override the serverPort when you specify a protocol header (e.g. x-forwarded-proto). Would you like to add a boolean configuration option override-http-server-port-with-protocol-information to disable this behavior for your use case ?

    Thanks for your interest in RemoteIpValve,

    Cyrille

    Andrew Swanson wrote:
    I am using the RemoteIpValve to correctly set request.isSecure and request.scheme but I am using the "ProxyPreserveHost" Apache httpd directive so that request.serverHost and request.serverPort are correctly set in Tomcat. Is there anyway to prevent RemoteIpValve from populating the request.serverPort when it detects the presence of the $protocolHeader http header?

     
    Greenhorn
    Posts: 6
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator


    String ipAddress=request.getHeader("X-Forwarded-For");


    request.getRemoteAddr(), it may return 127.0.0.1 if apache redirection has been configured at your deployment server.

    So use whatever you like. You can see also here Client ip-address using java
     
    Consider Paul's rocket mass heater.
    reply
      Bookmark Topic Watch Topic
    • New Topic