Shibboleth audit logging - Fails to capture client browser IP (x-forwarded-for) in IdP/Tomcat
Petursson, Sigurdur
spetursson at miami.edu
Tue Mar 7 10:09:24 EST 2017
Our system architecture is:
F5 -> WinServer2012/IIS -> WinServer2012/Tomcat6.
We followed this documented approach to get the x-forwarded-for IP info
into our Shib audit logs:
http://serverfault.com/questions/516376/logging-x-forwarded-for-ip-in-shibboleths-audit-logs
In server.xml:
...
<Valve className="org.apache.catalina.valves.RemoteIpValve"
remoteIpHeader="X-Forwarded-For"
protocolHeaderHttpsValue="https" />
...
In logging.xml under the IDP_AUDIT appender:
...
<encoder
class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
<charset>UTF-8</charset>
<Pattern>%msg|%X{req.xForwardedFor}|%n</Pattern>
</encoder>
...
This has been unsuccessful so far, no client IP appears in the log. Any
ideas?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20170307/10833504/attachment.html>
More information about the users
mailing list