Mercurial > hg > digilib
changeset 1698:7e4396e467de
Add documentation about running Tomcat behind a proxy.
author | Robert Casties <casties@mpiwg-berlin.mpg.de> |
---|---|
date | Tue, 18 Dec 2018 11:35:41 +0100 |
parents | fc8e4f893db1 |
children | 79b95ce5d315 |
files | doc/src/site/markdown/server-setup.md |
diffstat | 1 files changed, 21 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/doc/src/site/markdown/server-setup.md Sun Dec 16 18:49:16 2018 +0100 +++ b/doc/src/site/markdown/server-setup.md Tue Dec 18 11:35:41 2018 +0100 @@ -71,7 +71,8 @@ # do not forward-proxy! ProxyRequests off - # set proxy proto header + # set proxy headers + ProxyPreserveHost On RequestHeader set X-Forwarded-Proto "https" # digilib instances <Proxy balancer://digilibs> @@ -96,4 +97,22 @@ then you should make sure that Jetty processes the `X-Forwarded-*` headers from the proxy server to derive the correct request URL for the servlets. -Please see [this information for Jetty 9.4](http://www.eclipse.org/jetty/documentation/9.4.x/configuring-connectors.html#_proxy_load_balancer_connection_configuration) or [this information for Jetty 8 and earlier versions](https://wiki.eclipse.org/Jetty/Tutorial/Apache#Configuring_mod_proxy_http). +Please see [this information for Jetty 9.4](http://www.eclipse.org/jetty/documentation/9.4.x/configuring-connectors.html#_proxy_load_balancer_connection_configuration) +or [this information for Jetty 8 and earlier versions](https://wiki.eclipse.org/Jetty/Tutorial/Apache#Configuring_mod_proxy_http). + +## Tomcat behind a proxy + +When you are using [Tomcat](https://tomcat.apache.org) as a servlet container behind an Apache or nginx proxy then +you should make sure that Tomcat processes the `X-Forwarded-*` headers from the proxy server to derive the +correct request URL for the servlets. + +Please see the Tomcat documentation about the [Remote IP Valve](https://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Remote_IP_Valve). +You basically need to add the following XML tag with your proxy's IP numbers to the `Host` tag of your `server.xml` file: +``` + <Valve className="org.apache.catalina.valves.RemoteIpValve" + internalProxies="127\.0\.0\.1|123\.45\.67\.89" + remoteIpHeader="x-forwarded-for" + proxiesHeader="x-forwarded-by" + protocolHeader="x-forwarded-proto" /> +``` +and make sure `ProxyPreserveHost` is set to `on`.