编程语言
首页 > 编程语言> > java-如何在tomcat访问日志中记录客户端IP和X-Forwarded-For IP

java-如何在tomcat访问日志中记录客户端IP和X-Forwarded-For IP

作者:互联网

如何在tomcat访问日志中记录客户端IP和X-Forwarded-For IP.

我正在使用%{X-Forwarded-For} i,并且如果我通过负载均衡器进行访问,它会记录实际的客户端地址.但是,如果我直接访问tomcat实例,则不会记录实际的客户端地址.在这两种情况下,是否都可以显示实际的客户端IP地址?

解决方法:

http://www.techstacks.com/howto/configure-access-logging-in-tomcat.html开始:

If you are running a version of tomcat greater than version 6.0.21 or tomcat 7, you can take advantage of the new Remote IP Valve. For access logging, the nice thing about this valve is that it will swap the client IP with an IP address passed with the X-Forwarded-For header—automatically—if an IP address is passed in the X-Forwarded-For header. Loading it is pretty easy. Just add the org.apache.catalina.valves.RemoteIpValve to your server.xml before your AccessLogValve declaration. For example:

 <Host name="localhost"  appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">

  <!-- Remote IP Valve -->
    <Valve className="org.apache.catalina.valves.RemoteIpValve" />

  <!-- Access log processes all example.
    Documentation at: /docs/config/valve.html -->

  <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" 
    prefix="localhost_access_log." suffix=".txt"
    pattern="combined" resolveHosts="false"/>
  -->
</Host>

If you are using a version of tomcat 6 older than 6.0.21 and you want to store the X-Forwarded-For IP address instead, then you could modify the pattern property of your AccessLogValve. You’ll need to remove the “common” or “combined” pattern and replace it with one of the following patterns:

Common Log Format: %{X-Forwarded-For}i %l %u %t "%r" %s %b
Combined Log Format: %{X-Forwarded-For}i %l %u %t %r %s %b %{User-Agent}i %{Referer}i

The main problem here, that RemoteIP Valve does take care of, is that you’ll only get the X-Forwarded-For address in the logs. If you hit the app server directly, bypassing the device that is inserting the X-Forwarded-For header in the request, you won’t get an IP address logged. You will still log a request—you just will not know where it came from.

标签:ip,tomcat,http-headers,load-balancing,java
来源: https://codeday.me/bug/20191025/1928749.html