Author: kkolinko
Date: Tue Nov 22 15:13:49 2011
New Revision: 1205033
URL: http://svn.apache.org/viewvc?rev=1205033&view=rev
Log:
Add clarification to RemoteIpValve and RemoteIpValve that to use their
IP/hostname/port/protocol values in access log you should properly configure
your AccessLogValve.
Modified:
tomcat/trunk/webapps/docs/config/filter.xml
tomcat/trunk/webapps/docs/config/valve.xml
Modified: tomcat/trunk/webapps/docs/config/filter.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/filter.xml?rev=1205033&r1=1205032&r2=1205033&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/filter.xml (original)
+++ tomcat/trunk/webapps/docs/config/filter.xml Tue Nov 22 15:13:49 2011
@@ -689,6 +689,17 @@ FINE: Request "/docs/config/manager.html
should be defined first to ensure that the correct client IP address is
presented to the Remote Address/Host filters.</p>
+ <p><strong>Note:</strong> By default this filter has no effect on the
+ values that are written into access log. The original values are restored
+ when request processing leaves the filter and that always happens earlier
+ than access logging. To pass the remote address, remote host, server port
+ and protocol values set by this filter to the access log,
+ they are put into request attributes. Publishing these values here
+ is enabled by default, but <code>AccessLogValve</code> should be explicitly
+ configured to use them. See documentation for
+ <code>requestAttributesEnabled</code> attribute of
+ <code>AccessLogValve</code>.</p>
+
</subsection>
<subsection name="Filter Class Name">
@@ -1019,6 +1030,13 @@ FINE: Request "/docs/config/manager.html
<code>x-forwarded-by</code> is used.</p>
</attribute>
+ <attribute name="requestAttributesEnabled" required="false">
+ <p>Set to <code>true</code> to set the request attributes used by
+ AccessLog implementations to override the values returned by the
+ request for remote address, remote host, server port and protocol.
+ If not set, the default value of <code>true</code> will be used.</p>
+ </attribute>
+
<attribute name="trustedProxies" required="false">
<p>Regular expression (using <code>java.util.regex</code>) that a
proxy's IP address must match to be considered an trusted proxy.
Modified: tomcat/trunk/webapps/docs/config/valve.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/valve.xml?rev=1205033&r1=1205032&r2=1205033&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/valve.xml (original)
+++ tomcat/trunk/webapps/docs/config/valve.xml Tue Nov 22 15:13:49 2011
@@ -1251,6 +1251,17 @@
should be defined first to ensure that the correct client IP address is
presented to the Remote Address/Host valves.</p>
+ <p><strong>Note:</strong> By default this valve has no effect on the
+ values that are written into access log. The original values are restored
+ when request processing leaves the valve and that always happens earlier
+ than access logging. To pass the remote address, remote host, server port
+ and protocol values set by this valve to the access log,
+ they are put into request attributes. Publishing these values here
+ is enabled by default, but <code>AccessLogValve</code> should be explicitly
+ configured to use them. See documentation for
+ <code>requestAttributesEnabled</code> attribute of
+ <code>AccessLogValve</code>.</p>
+
</subsection>
<subsection name="Attributes">
@@ -1291,10 +1302,8 @@
<attribute name="requestAttributesEnabled" required="false">
<p>Set to <code>true</code> to set the request attributes used by
AccessLog implementations to override the values returned by the
- request for remote address, remote host, server port and protocol. If
- the attributes are not set, or this attribute is set to
- <code>false</code> then the values from the request will be used. If
not
- set, the default value of <code>true</code> will be used.</p>
+ request for remote address, remote host, server port and protocol.
+ If not set, the default value of <code>true</code> will be used.</p>
</attribute>
<attribute name="trustedProxies" required="false">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
