N. O.
Reputation: 11
Tomcat RemoteIpFilter configuration in web.xml vs server.xml
I had issue of setting RemoteIpFilter in web.xml: I put the following setting in web.xml:
<filter>
<filter-name>RemoteIpFilter</filter-name>
<filter-class>org.apache.catalina.filters.RemoteIpFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>RemoteIpFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
When I sent request to the server with HTTPS header, there is no "Secure" flag.
But if I put
<Valve className="org.apache.catalina.valves.RemoteIpValve"
remoteIpHeader="x-forwarded-for"
protocolHeader="x-forwarded-proto"
protocolHeaderHttpsValue="https" />
in server.xml, the same request, I got "Secure" flag.
We prefer to set configuration in web.xml for each application. Don't know why it doesn't work in web.xml - I set it as indicated in tomcat configuration doc https://tomcat.apache.org/tomcat-8.5-doc/config/filter.html#Basic_configuration_to_handle_'x-forwarded-for'and'x-forwarded-proto
Anyone has any idea about it? Thanks in advance.
Upvotes: 1
Views: 2276
Answers (1)
Brian Di Palma
Reputation: 7487
Add it to the XML:
<filter>
<filter-name>RemoteIpFilter</filter-name>
<filter-class>org.apache.catalina.filters.RemoteIpFilter</filter-class>
<init-param>
<param-name>protocolHeader</param-name>
<param-value>x-forwarded-proto</param-value>
</init-param>
</filter>
Upvotes: 1
Related Questions
- How to use Tomcat RemoteIpFilter in Spring Boot
- Tomcat Remote Address Filter is not working - Tomcat 9.0.X
- Set custom filter on Tomcat 8 using web.xml
- Enable ContainerRequestFilter without web.xml
- Tomcat Remote Address filter doesn't work
- @WebFilter vs. <Filter> in web.xml
- IP Filtering in Tomcat 6
- Using multiple Tomcat Container Provided Filters (Remote Address Filter)
- How to make Tomcat read allow IPs from a different place than server.xml
- Configuring javax.servlet.Filter and javax.xml.rpc.handler.GenericHandler at server level