Skip to content

Commit 0ebddf7

Browse files
abh1sarabh1sar
committed
log the forwarded ip address in access log if the setting proxy.header.verify is enabled
1 parent 8b9f5fd commit 0ebddf7

File tree

2 files changed

+9
-22
lines changed

2 files changed

+9
-22
lines changed

client/src/main/java/org/apache/cloudstack/ACSRequestLog.java

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,19 +18,26 @@
1818
//
1919
package org.apache.cloudstack;
2020

21+
import com.cloud.api.ApiServlet;
2122
import com.cloud.utils.StringUtils;
2223
import org.eclipse.jetty.server.NCSARequestLog;
2324
import org.eclipse.jetty.server.Request;
2425
import org.eclipse.jetty.server.Response;
2526
import org.eclipse.jetty.util.DateCache;
2627
import org.eclipse.jetty.util.component.LifeCycle;
2728

29+
import java.net.InetAddress;
2830
import java.util.Locale;
2931
import java.util.TimeZone;
3032

3133
import static org.apache.commons.configuration.DataConfiguration.DEFAULT_DATE_FORMAT;
3234

35+
import javax.inject.Inject;
36+
3337
public class ACSRequestLog extends NCSARequestLog {
38+
@Inject
39+
ApiServlet apiServlet;
40+
3441
private static final ThreadLocal<StringBuilder> buffers =
3542
ThreadLocal.withInitial(() -> new StringBuilder(256));
3643

@@ -51,9 +58,8 @@ public void log(Request request, Response response) {
5158
StringBuilder sb = buffers.get();
5259
sb.setLength(0);
5360

54-
sb.append(request.getHttpChannel().getEndPoint()
55-
.getRemoteAddress().getAddress()
56-
.getHostAddress())
61+
InetAddress remoteAddress = apiServlet.getClientAddress(request);
62+
sb.append(remoteAddress)
5763
.append(" - - [")
5864
.append(dateCache.format(request.getTimeStamp()))
5965
.append("] \"")

client/src/main/java/org/apache/cloudstack/ServerDaemon.java

Lines changed: 0 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -24,15 +24,12 @@
2424
import java.io.InputStream;
2525
import java.lang.management.ManagementFactory;
2626
import java.net.URL;
27-
import java.util.Arrays;
2827
import java.util.Properties;
2928

30-
import com.cloud.api.ApiServer;
3129
import org.apache.commons.daemon.Daemon;
3230
import org.apache.commons.daemon.DaemonContext;
3331
import org.apache.commons.lang3.StringUtils;
3432
import org.eclipse.jetty.jmx.MBeanContainer;
35-
import org.eclipse.jetty.server.ForwardedRequestCustomizer;
3633
import org.eclipse.jetty.server.HttpConfiguration;
3734
import org.eclipse.jetty.server.HttpConnectionFactory;
3835
import org.eclipse.jetty.server.RequestLog;
@@ -193,7 +190,6 @@ public void start() throws Exception {
193190
httpConfig.setResponseHeaderSize(8192);
194191
httpConfig.setSendServerVersion(false);
195192
httpConfig.setSendDateHeader(false);
196-
addForwardingCustomiser(httpConfig);
197193

198194
// HTTP Connector
199195
createHttpConnector(httpConfig);
@@ -216,21 +212,6 @@ public void start() throws Exception {
216212
server.join();
217213
}
218214

219-
/**
220-
* Adds a ForwardedRequestCustomizer to the HTTP configuration to handle forwarded headers.
221-
* The header used for forwarding is determined by the ApiServer.listOfForwardHeaders property.
222-
* Only non empty headers are considered and only the first of the comma-separated list is used.
223-
* @param httpConfig the HTTP configuration to which the customizer will be added
224-
*/
225-
private static void addForwardingCustomiser(HttpConfiguration httpConfig) {
226-
ForwardedRequestCustomizer customiser = new ForwardedRequestCustomizer();
227-
String header = Arrays.stream(ApiServer.listOfForwardHeaders.value().split(",")).findFirst().orElse(null);
228-
if (com.cloud.utils.StringUtils.isNotEmpty(header)) {
229-
customiser.setForwardedForHeader(header);
230-
}
231-
httpConfig.addCustomizer(customiser);
232-
}
233-
234215
@Override
235216
public void stop() throws Exception {
236217
server.stop();

0 commit comments

Comments
 (0)