[Zope-dev] ProxyPass and SiteAccess getting REMOTE_ADDR
William Noon
noon@snow.cit.cornell.edu
Mon, 12 Feb 2001 21:52:07 -0500
Last week I was setting up an Apache VirtualHost to point to a Zope
object tree using the ProxyPass directive and SiteAccess to get all the
urls right (great stuff!).
However, I noticed that the REMOTE_ADDR was always set to the
proxy host. This makes sense because Zope just gets the host/port from
the socket connection. But I needed the real remote_addr for logging
and user admin. Adding 'Header's wouldn't pass the info to Zope.
The Zope mail archives mentioned the problem a couple of times without
a configuration fix.
A simple fix to the proxy module (in proxy_http.c) will create a new
header called 'Original-Addr' to contain the client's ip address.
Here is a context diff against Apache 1.3.14 that should work even
in the new 2.0 servers:
***************
*** 397,402 ****
--- 397,404 ----
ap_bvputs(f, reqhdrs[i].key, ": ", reqhdrs[i].val, CRLF, NULL);
}
+ ap_bvputs(f, "Original-Addr: ", r->connection->remote_ip, CRLF, NULL);
+
ap_bputs(CRLF, f);
/* send the request data, if any. */
When the request was proxied, the Zope REQUEST will now have a key
'HTTP_ORIGINAL_ADDR' containing the client address.
This key is also now a good indication that the http request went to
the VirtualHost address.
I then made a small change to SiteRoot.py to turn off the url mapping if
HTTP_ORIGINAL_ADDR is present. This is a context diff against the
SiteRoot.py file shipped with Zope 2.3.0:
***************
*** 108,113 ****
--- 108,116 ----
if '_SUPPRESS_SITEROOT' in _swallow(request):
request.setVirtualRoot(request.steps)
return
+ # only run if passed through ProxyPass
+ t = request.environ.get('HTTP_ORIGINAL_ADDR',None)
+ if t == None : return
srd = [None, None]
for i in (0, 1):
srp = ('SiteRootBASE', 'SiteRootPATH')[i]
These two patches have worked well and solved several problems. I hope
others will find them useful.
--Bill Noon
Northeast Regional Climate Center
Cornell University