Solved

Apache 2 REMOTE_ADDR with ProxyPass

Posted on 2009-07-13
11
4,157 Views
Last Modified: 2012-05-07
Hi

I am using Apache 2 on Fedora Core 8 to proxy Oracle Application Express (apex) running on Oracle XE. I am using

ProxyPass /apex http://127.0.0.1:8080/apex
ProxyPassReverse /apex http://127.0.0.1:8080/apex

The problem is that When I read REMOTE_ADDR from within Apex it returns me 127.0.0.1 instead of IP of the user. I belive this is happening since Apex is receiving requests from Apache not directly by the end-user.

Can someone suggest an easy solution to this. I am not quite expert on Apache just do some easy tasks.

I have also attached my Apache configuration file with this.
httpd.txt
0
Comment
Question by:systemsautomation
  • 5
  • 5
11 Comments
 
LVL 43

Expert Comment

by:ravenpl
ID: 24841000
Apart from REMOTE_ADDR look at VIA header, which should be appended to the http request on proxies.
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 24841017
Actually I meant HTTP_X_FORWARDED_FOR header - sorry.
0
 

Author Comment

by:systemsautomation
ID: 24841211
Thanks for reply.
Can you please guide me how to APPEND it. I am a bigener in this area.
Sorry if my question seems to be stupid.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 43

Expert Comment

by:ravenpl
ID: 24841245
The apache proxy module should do it by default. It's the server side application should check if the header is present, if so, it should contain list of forwarded-for IPs
The "Via" http header should contain a list of proxies that forwarded the request.
0
 

Author Comment

by:systemsautomation
ID: 24846885
I tried your suggestion but it returns null

htp.p(
  owa_util.get_cgi_env('REMOTE_ADDR')|| '  -  '||
  owa_util.get_cgi_env('HTTP_X_FORWARDED_FOR') );


returns

127.0.0.1 -

I just read a post on Oracle Apex Forum
http://forums.oracle.com/forums/thread.jspa?messageID=1262928�

It seems that HTTP_X_FORWARDED_FOR is not being used by Oracle XE. It is using X-Oracle-Cache-User instead. But to setup this there is some Rewrite required. But when I am writing

DocumentRoot "/var/www/vh.dbserver"
ServerName vh.dbserver

<Directory "/var/www/vh.dbserver">
allow from all
Options +Indexes

RewriteEngine On

RewriteCond %{REMOTE_ADDR} ^(.*)
RewriteRule ^.* - env=MY_VAL:%1
RequestHeader set X-Oracle-Cache-User "%{MY_VAL}e"

RewriteCond %{REQUEST_URI} /((^/+)(/.*)*)$
RewriteCond %2 =apex OR
RewriteCond %2 =i OR
RewriteCond %2 =public OR
RewriteCond %2 =sys
RewriteRule ^/(.*) http://192.168.0.10:8080/%1 [P]

</Directory>


Syntax error on line 1079 of /etc/httpd/conf/httpd.conf:
RewriteCond: bad flag delimiters


Please help me It is very urgent.

Zulqarnain
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 24847079
> owa_util.get_cgi_env('HTTP_X_FORWARDED_FOR') );
The exact header is "X-Forwarded-For", HTTP_X_FORWARDED_FOR is php's name only.
Therefore try either get_cgi_env('X_FORWARDED_FOR') or get_cgi_env('X-FORWARDED-FOR')
Or maybe You can directly read http request headers?
Unfortunately I'm not familiar with apex.

As for Your rules, try simply adding simply appending the required variable, no need for actual rules

RequestHeader set X-Oracle-Cache-User %{REMOTE_ADDR}

The error comes from the fact, that "OR" has to be "[OR]"
0
 

Author Comment

by:systemsautomation
ID: 24847368
Now I feel a little closer to the solution:

RequestHeader set X-Oracle-Cache-User %{REMOTE_ADDR}

Gives Syntax error on line 1096 of /etc/httpd/conf/httpd.conf:
Unrecognized header format %

So I added e at the end of the statement making it

RequestHeader set X-Oracle-Cache-User %{REMOTE_ADDR}e

it returns

HTTP_X_ORACLE_CACHE_USER = (null)


But when I change it to

RequestHeader set X-Oracle-Cache-User %{REMOTE_ADDR}e

Then i changed it to

RequestHeader set X-Oracle-Cache-User 123

Just to test it if Oracle is receiving or not

HTTP_X_ORACLE_CACHE_USER = 123

Not it seems Oracle is receving but %{REMOTE_ADDR}e is not setting any value.

I hope that with your support I would be successful in fixing the problem.
0
 
LVL 43

Accepted Solution

by:
ravenpl earned 500 total points
ID: 24847533
Yes, that's strange, You can give a try with quoted " %{REMOTE_ADDR}" but You probably have to workaround that with Your original idea

RewriteEngine On
RewriteCond %{REMOTE_ADDR} (.*)
RewriteRule .* - [E=REMOTEA:%1]
RequestHeader set X-Oracle-Cache-User "%{REMOTEA}"
0
 

Author Comment

by:systemsautomation
ID: 24847717
Yes the following worked

RewriteEngine On
RewriteCond %{REMOTE_ADDR} (.*)
RewriteRule .* - [E=REMOTEA:%1]
RequestHeader set X-Oracle-Cache-User "%{REMOTEA}e"


I am really very much thankful for your constant help & support.

Best regards my friend. You made my day.

Zulqarnain
0
 

Author Closing Comment

by:systemsautomation
ID: 31602804
Thanks a lot
0
 

Expert Comment

by:harvest-soft
ID: 34860786
Hi,

I've a related question to fix a similar problem. I would like to check if the REMOTE_ADDR is same as HTTP_X_FORWARDED_FOR

If not, change the REMOTE_ADDR to HTTP_X_FORWARDED_FOR

This is to get some application see the actual client ip. CRITICAL, so need ASAP.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Web Site Hosting 10 92
SSL sertificate 5 71
PHP: Insert Data into MySQL 5 56
ignore other .htaccess 2 59
Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
Article by: kevp75
Hey folks, 'bout time for me to come around with a little tip. Thanks to IIS 7.5 Extensions and Microsoft (well... really Windows 8, and IIS 8 I guess...), we can now prime our Application Pools, when IIS starts. Now, though it would be nice t…
This tutorial covers a step-by-step guide to install VisualVM launcher in eclipse.
This tutorial explains how to use the VisualVM tool for the Java platform application. This video goes into detail on the Threads, Sampler, and Profiler tabs.

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question