apache ProxyPass、ProxyReverse 与 AJP
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1180974/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
ProxyPass, ProxyReverse vs AJP
提问by user121196
I currently have a Tomcat + Apache HTTP server setting to serve my Java servlet:
我目前有一个 Tomcat + Apache HTTP 服务器设置来为我的 Java servlet 提供服务:
ProxyPass /myservice http://localhost:8080/myservice
ProxyPassRerverse /myservice http://localhost:8080/myservice
This is all fine except that myserviceneeds to know the client IP address, which always turns out to be 127.0.0.1 due to the proxy. Is there a solution to get the real IP address? Is AJP an option?
这一切都很好,只是myservice需要知道客户端 IP 地址,由于代理的原因,它总是 127.0.0.1。有没有办法获取真实IP地址?AJP 是一种选择吗?
doGet(HttpServletRequest request, HttpServletResponse response){
request.getRemoteAddr()
}
回答by caskey
Do it like this:
像这样做:
in the apache config:
在 apache 配置中:
<Location /foo>
ProxyPass ajp://localhost:8009/foo
ProxyPassReverse ajp://localhost:8009/foo
</Location>
And then in your server.xml:
然后在你的 server.xml 中:
<Connector port="8009"
enableLookups="false" secure="true" URIEncoding="UTF-8"
tomcatAuthentication="false"
protocol="AJP/1.3" />
That should pass everything through. The AJP protocol passes the info, but http: doesn't.
那应该通过一切。AJP 协议传递信息,但 http: 不传递。
You may not want secure="true", I use that because SSL is handled at the apache layer and I need tomcat to know that the connection should be considered a secure one.
您可能不想要 secure="true",我使用它是因为 SSL 是在 apache 层处理的,我需要 tomcat 才能知道该连接应该被视为安全连接。
回答by rocketscientist
You can read the X-Forwarded-For in the request header.
您可以在请求头中读取 X-Forwarded-For。
From the Apache mod_proxy documentation:
When acting in a reverse-proxy mode (using the ProxyPass directive, for example), mod_proxy_http adds several request headers in order to pass information to the origin server. These headers are:
- X-Forwarded-For: The IP address of the client.
- X-Forwarded-Host: The original host requested by the client in the Host HTTP request header.
- X-Forwarded-Server: The hostname of the proxy server.
Be careful when using these headers on the origin server, since they will contain more than one (comma-separated) value if the original request already contained one of these headers. For example, you can use %{X-Forwarded-For}i in the log format string of the origin server to log the original clients IP address, but you may get more than one address if the request passes through several proxies.
在反向代理模式下(例如,使用 ProxyPass 指令)时, mod_proxy_http 添加多个请求标头以将信息传递给源服务器。这些标题是:
- X-Forwarded-For:客户端的 IP 地址。
- X-Forwarded-Host: Host HTTP 请求头中客户端请求的原始主机。
- X-Forwarded-Server:代理服务器的主机名。
在源服务器上使用这些标头时要小心,因为如果原始请求已经包含这些标头之一,它们将包含多个(逗号分隔)值。例如,您可以在源服务器的日志格式字符串中使用 %{X-Forwarded-For}i 来记录原始客户端的 IP 地址,但是如果请求经过多个代理,您可能会得到多个地址。
In your servlet, you would have:
在您的 servlet 中,您将拥有:
doGet(HttpServletRequest request, HttpServletResponse response){
request.getHeader("X-Forwarded-For")
}
回答by alparslan
this is very simple:
这很简单:
<VirtualHost>
ServerName www.server.com
redirect / http://www.server.com/foo
ProxyRequests off
ProxyPass / ajp://localhost:8009/
</VirtualHost>
