The PID-Service can be operated behind a Proxy Server (usually a reverse proxy is used for that purpose). Currently, the EPIC Loging module uses the REMOTE_ADDR HTTP header, which is the address of the proxy server:
I, [2013-02-01T14:15:41.883000 #9001] INFO -- : POST from tkalman1@134.76.10.61 on /handles/11148/ Return format: application/json: >> New
Handle created.
HTTP Proxies set an extra header (X-FORWARDED-FOR) to save the original address of the client.
As the GWDG uses proxies for high available load balancers, we should log the original address instead of the address of the proxy server.
TODO:
- check whether the extra HTTP header is set by a proxy server
- if yes use the extra header instead of RENOTE_ADDRESS
The PID-Service can be operated behind a Proxy Server (usually a reverse proxy is used for that purpose). Currently, the EPIC Loging module uses the REMOTE_ADDR HTTP header, which is the address of the proxy server:
HTTP Proxies set an extra header (X-FORWARDED-FOR) to save the original address of the client.
As the GWDG uses proxies for high available load balancers, we should log the original address instead of the address of the proxy server.
TODO: