This is an automated email from the ASF dual-hosted git repository.
isapir pushed a commit to branch enhance-remoteipfilter-xrequestid
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 5f24286226c5eb28e383fcaf682f310ca29e8c44
Author: Igal Sapir <isa...@apache.org>
AuthorDate: Tue Oct 1 21:38:53 2024 -0700
Added optional X-Request-Id to RemoteIpFilter
---
.../apache/catalina/filters/RemoteIpFilter.java | 57 ++++++++++++++++++++++
webapps/docs/config/filter.xml | 11 +++++
2 files changed, 68 insertions(+)
diff --git a/java/org/apache/catalina/filters/RemoteIpFilter.java
b/java/org/apache/catalina/filters/RemoteIpFilter.java
index 34af331dcf..2195951c31 100644
--- a/java/org/apache/catalina/filters/RemoteIpFilter.java
+++ b/java/org/apache/catalina/filters/RemoteIpFilter.java
@@ -107,6 +107,14 @@ import org.apache.tomcat.util.res.StringManager;
* <td>x-forwarded-for</td>
* </tr>
* <tr>
+ * <td>requestIdHeader</td>
+ * <td>Name of the Http Header read by this servlet filter that holds a
request ID passed by a proxy or the requesting
+ * client</td>
+ * <td>RequestIdHeader</td>
+ * <td>Compliant http header name</td>
+ * <td>x-request-id</td>
+ * </tr>
+ * <tr>
* <td>internalProxies</td>
* <td>Regular expression that matches the IP addresses of internal proxies.
If they appear in the
* <code>remoteIpHeader</code> value, they will be trusted and will not appear
in the <code>proxiesHeader</code>
@@ -210,6 +218,10 @@ import org.apache.tomcat.util.res.StringManager;
* <param-name>protocolHeader</param-name>
* <param-value>x-forwarded-proto</param-value>
* </init-param>
+ * <init-param>
+ * <param-name>requestIdHeader</param-name>
+ * <param-value>x-request-id</param-value>
+ * </init-param>
* </filter>
*
* <filter-mapping>
@@ -476,6 +488,8 @@ public class RemoteIpFilter extends GenericFilter {
protected int serverPort;
+ protected String requestId;
+
public XForwardedRequest(HttpServletRequest request) {
super(request);
this.localName = request.getLocalName();
@@ -568,6 +582,15 @@ public class RemoteIpFilter extends GenericFilter {
return this.remoteHost;
}
+ @Override
+ public String getRequestId() {
+ if (this.requestId != null) {
+ return this.requestId;
+ }
+
+ return super.getRequest().getRequestId();
+ }
+
@Override
public String getScheme() {
return scheme;
@@ -617,6 +640,10 @@ public class RemoteIpFilter extends GenericFilter {
this.remoteHost = remoteHost;
}
+ public void setRequestId(String requestId) {
+ this.requestId = requestId;
+ }
+
public void setScheme(String scheme) {
this.scheme = scheme;
}
@@ -667,6 +694,8 @@ public class RemoteIpFilter extends GenericFilter {
protected static final String REMOTE_IP_HEADER_PARAMETER =
"remoteIpHeader";
+ protected static final String REQUEST_ID_HEADER_PARAMETER =
"requestIdHeader";
+
protected static final String TRUSTED_PROXIES_PARAMETER = "trustedProxies";
protected static final String ENABLE_LOOKUPS_PARAMETER = "enableLookups";
@@ -717,6 +746,11 @@ public class RemoteIpFilter extends GenericFilter {
*/
private String remoteIpHeader = "X-Forwarded-For";
+ /**
+ * @see #setRequestIdHeader(String)
+ */
+ private String requestIdHeader = "";
+
/**
* @see #setRequestAttributesEnabled(boolean)
*/
@@ -843,6 +877,14 @@ public class RemoteIpFilter extends GenericFilter {
}
}
}
+
+ if (!requestIdHeader.isEmpty()) {
+ String requestIdHeaderValue =
request.getHeader(requestIdHeader);
+ if (requestIdHeaderValue != null) {
+ xRequest.setRequestId(requestIdHeaderValue);
+ }
+ }
+
request.setAttribute(Globals.REQUEST_FORWARDED_ATTRIBUTE,
Boolean.TRUE);
if (log.isTraceEnabled()) {
@@ -1016,6 +1058,10 @@ public class RemoteIpFilter extends GenericFilter {
setRemoteIpHeader(getInitParameter(REMOTE_IP_HEADER_PARAMETER));
}
+ if (getInitParameter(REQUEST_ID_HEADER_PARAMETER) != null) {
+ setRequestIdHeader(getInitParameter(REQUEST_ID_HEADER_PARAMETER));
+ }
+
if (getInitParameter(TRUSTED_PROXIES_PARAMETER) != null) {
setTrustedProxies(getInitParameter(TRUSTED_PROXIES_PARAMETER));
}
@@ -1221,6 +1267,17 @@ public class RemoteIpFilter extends GenericFilter {
this.remoteIpHeader = remoteIpHeader;
}
+ /**
+ * <p>Name of the http header from which the request id is extracted.</p>
+ *
+ * <p>Request id propagation is disabled by default. Set a value, e.g.
<code>X-Request-Id</code>, to enable it.</p>
+ *
+ * @param requestIdHeader The header name
+ */
+ public void setRequestIdHeader(String requestIdHeader) {
+ this.requestIdHeader = requestIdHeader;
+ }
+
/**
* Should this filter set request attributes for IP address, Hostname,
protocol and port used for the request? This
* are typically used in conjunction with an {@link AccessLog} which will
otherwise log the original values. Default
diff --git a/webapps/docs/config/filter.xml b/webapps/docs/config/filter.xml
index a3d1af57dc..d8db61b6b0 100644
--- a/webapps/docs/config/filter.xml
+++ b/webapps/docs/config/filter.xml
@@ -1445,6 +1445,10 @@ FINE: Request "/docs/config/manager.html" with response
status "200"
<param-name>protocolHeader</param-name>
<param-value>x-forwarded-proto</param-value>
</init-param>
+ <init-param>
+ <param-name>requestIdHeader</param-name>
+ <param-value>x-request-id</param-value>
+ </init-param>
</filter>]]></source>
<p>Request values:</p>
<table class="defaultTable">
@@ -1685,6 +1689,13 @@ FINE: Request "/docs/config/manager.html" with response
status "200"
specified, the default of <code>x-forwarded-for</code> is used.</p>
</attribute>
+ <attribute name="requestIdHeader" required="false">
+ <p>Name of the HTTP Header read by this valve that holds request ID
+ if passed by the Proxy server or requesting client. Request ID
propagation
+ is disabled by default, but can be enabled by setting this attribute,
+ e.g. to <code>x-request-id</code>.</p>
+ </attribute>
+
<attribute name="internalProxies" required="false">
<p>Regular expression (using <code>java.util.regex</code>) that a
proxy's IP address must match to be considered an internal proxy.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
