Today the new project was launched and I encountered a problem. The company used f5 forwarding and the https protocol. However, in our project, request.getScheme() got http instead. The operation and maintenance said it was a problem with our code.. .., I checked the tomcat’s serve. Has anyone encountered this problem? How to solve it?
阿神2017-05-27 17:43:49
https is usually implemented by a reverse proxy (such as F5) (that is, the SSL certificate is configured on the reverse proxy), and Tomcat itself uses the http protocol.
Since the reverse proxy uses layer 7 forwarding, request.getRemoteAddr()不可能得到用户真实IP地址,所以通常在反向代理那边配X-Forwarded-For,Tomcat这边用request.getHeader("X-Forwarded-For")拿到用户真实IP地址)。同样道理,request.getScheme()也不可能得到用户真实的协议,通常会在反向代理那边配X-Forwarded-Proto这种Header,Tomcat这边用request.getHeader("X-Forwarded-Proto") determines whether the user is in https status.
漂亮男人2017-05-27 17:43:49
I don’t understand what your problem is. .
How to use https when tomcat does not have a certificate?
I have never used f5. Similar nginx can uninstall SSL, that is, your application does not need to be aware of https