我们最近在我们的域中配置了Apache Load Balancers,通过它可以 balancer HTTP请求并将其传递给各种OSB Web服务 . Apache LB配置了 ProxyPreserveHost On
,执行将客户端的IP地址写入新标头 X-Forwarded-For
的任务 .
然后,我们的OSB Web服务会尝试根据客户端的IP地址以及提供的用户名/密码对客户端请求进行身份验证 . 问题是当OSB流程收到新请求时, X-Forwarded-For
标头无处可见!启用“跟踪”后,请求看起来像这样:
<con:transport>
<con:uri>/ws/service/interface</con:uri>
<con:mode>request-response</con:mode>
<con:qualityOfService>best-effort</con:qualityOfService>
<con:request xsi:type="http:HttpRequestMetaData" xmlns:http="http://www.bea.com/wli/sb/transports/http" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<tran:headers xsi:type="http:HttpRequestHeaders" xmlns:tran="http://www.bea.com/wli/sb/transports">
<http:Accept-Encoding>gzip,deflate</http:Accept-Encoding>
<http:Connection>Keep-Alive</http:Connection>
<http:Content-Length>1285</http:Content-Length>
<http:Content-Type>text/xml;charset=UTF-8</http:Content-Type>
<http:Host>www.a.service.com</http:Host>
<http:SOAPAction>""</http:SOAPAction>
<http:User-Agent>Apache-HttpClient/4.1.1 (java 1.5)</http:User-Agent>
</tran:headers>
<tran:encoding xmlns:tran="http://www.bea.com/wli/sb/transports">UTF-8</tran:encoding>
<http:client-host>www.a.service.com</http:client-host>
<http:client-address>xx.xxx.x.xxx</http:client-address>
<http:http-method>POST</http:http-method>
</con:request>
<con:response xsi:type="http:HttpResponseMetaData" xmlns:http="http://www.bea.com/wli/sb/transports/http" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<tran:headers xsi:type="http:HttpResponseHeaders" xmlns:tran="http://www.bea.com/wli/sb/transports">
<http:Content-Type>text/xml</http:Content-Type>
</tran:headers>
<tran:response-code xmlns:tran="http://www.bea.com/wli/sb/transports">0</tran:response-code>
</con:response>
</con:transport>
client-host
| client-address
值是Apache LB的值,我们期望客户端的源IP地址出现在 trans:headers
的用户 Headers 中 - 如下所示:
<tran:user-header name="X-Forwarded-For" value="yy.yy.yyy.yyy"/>
我已阅读此链接:http://www.javamonamour.org/2014/07/osb-and-load-balancer-source-ip.html但我不确定我们究竟需要做什么 . 我已使用 jconsole
连接到管理服务器,并从用户请求中找到 WebServerMBean
的 ClientIpHeader' (which is currently empty) but it is read-only and there is no setter for it. Any ideas what I need to do exactly in Weblogic OSB in order to retrieve
X-Forwarded-For`标头?
1 回答
除非明确设置,否则OSB不会解析传入的传输头 . 代理本身有一个选项'Get All Headers';启用该复选框将允许在代理内部访问它们 .