AJP13Connector & HttpServletRequest.getRemoteHost()

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None
Environment:
Jetty HEAD
Apache 1.3.x w/mod_jk (Debian stable - 'sarge') behind NAT forwarding to Jetty (TRUNK as of Saturday 9/12/06)

Number of attachments :
2

Description

The behaviour of getRemoteHost() when using the AJP13Connector has changed since Jetty 5.0.0.

Host A (UA) – HTTP request --> Host B (Apache) — AJP13 request ---> Jetty (AJP13)

In 5.0.0, getRemoteHost() returned the address of the client behind the AJP13 host (i.e. host A in the above)

In current Jetty, getRemoteHost() returns the address of the Apache server (which is the client as far as Jetty is concerned, I suppose...)

Is this behaviour intentional? It confuses the hell out of a few things here, which serve different content depending on which side of the NAT box the user is on.

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Download All

Attachments

ajp_patch.patch

14/Dec/06 5:40 AM

7 kB

Leopoldo Agdeppa III
ajppatch.patch

11/Dec/06 9:07 PM

3 kB

Leopoldo Agdeppa III

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Russell Howe added a comment - 11/Dec/06 3:09 AM

The behaviour can be demonstrated by the following two URLs:

1) Via Apache & AJP13:

http://www.wreckage.org/remotehost.jsp

(192.168.0.6 is the internal address of the host running Apache+mod_jk)

2) Direct to Jetty's SelectChannelConnector

http://www.wreckage.org:8080/remotehost.jsp

Show

Russell Howe added a comment - 11/Dec/06 3:09 AM The behaviour can be demonstrated by the following two URLs: 1) Via Apache & AJP13: http://www.wreckage.org/remotehost.jsp (192.168.0.6 is the internal address of the host running Apache+mod_jk) 2) Direct to Jetty's SelectChannelConnector http://www.wreckage.org:8080/remotehost.jsp

Hide

Permalink

Leopoldo Agdeppa III added a comment - 11/Dec/06 8:58 PM

The request headers remoteaddr, remotehost and remoteport are egnored because the jetty's implementation of HttpServletRequest doesnt have a mutators on this
properties,

solution is to Extend the Request Class and create an AJP13Request and this will have the accessors and motators for remoteaddr, remoteport and remotehost
and implement on the handler to accept these values and set it on the AJP13Request

Show

Leopoldo Agdeppa III added a comment - 11/Dec/06 8:58 PM The request headers remoteaddr, remotehost and remoteport are egnored because the jetty's implementation of HttpServletRequest doesnt have a mutators on this properties, solution is to Extend the Request Class and create an AJP13Request and this will have the accessors and motators for remoteaddr, remoteport and remotehost and implement on the handler to accept these values and set it on the AJP13Request

Hide

Permalink

Leopoldo Agdeppa III added a comment - 11/Dec/06 8:59 PM

done, sending a patch

Show

Leopoldo Agdeppa III added a comment - 11/Dec/06 8:59 PM done, sending a patch

Hide

Permalink

Leopoldo Agdeppa III added a comment - 11/Dec/06 9:07 PM

fix

Show

Leopoldo Agdeppa III added a comment - 11/Dec/06 9:07 PM fix

Hide

Permalink

Russell Howe added a comment - 12/Dec/06 6:27 AM

I see Ajp13Connection has been patched in trunk, but the following file appears to be missing

jetty/extras/ajp/src/main/java/org/mortbay/jetty/ajp/Ajp13Request.java

Regardless, I've added it from the patch and I'll test this afternoon. Thanks for the speedy turnaround!

Show

Russell Howe added a comment - 12/Dec/06 6:27 AM I see Ajp13Connection has been patched in trunk, but the following file appears to be missing jetty/extras/ajp/src/main/java/org/mortbay/jetty/ajp/Ajp13Request.java Regardless, I've added it from the patch and I'll test this afternoon. Thanks for the speedy turnaround!

Hide

Permalink

Russell Howe added a comment - 12/Dec/06 10:11 AM

Trying with a combination of trunk and the attached patch, I get this:

java.lang.NullPointerException
at org.mortbay.jetty.ajp.Ajp13Connection$RequestHandler.parsedRemoteHost(Ajp13Connection.java:116)
at org.mortbay.jetty.ajp.Ajp13Parser.parseNext(Ajp13Parser.java:336)
at org.mortbay.jetty.ajp.Ajp13Parser.parseAvailable(Ajp13Parser.java:179)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:346)
at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:217)
at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:475)

Show

Russell Howe added a comment - 12/Dec/06 10:11 AM Trying with a combination of trunk and the attached patch, I get this: java.lang.NullPointerException at org.mortbay.jetty.ajp.Ajp13Connection$RequestHandler.parsedRemoteHost(Ajp13Connection.java:116) at org.mortbay.jetty.ajp.Ajp13Parser.parseNext(Ajp13Parser.java:336) at org.mortbay.jetty.ajp.Ajp13Parser.parseAvailable(Ajp13Parser.java:179) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:346) at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:217) at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:475)

Hide

Permalink

Leopoldo Agdeppa III added a comment - 14/Dec/06 5:23 AM

Fixed and tested, added error checking for NPE

Jetty-197 Fixed
AJP13Reqeust
+ Lazy Accessor of getRemoteHost, getRemoteAddr, getRemotePort
AJP13Connection
+ handle parsedRemoteHost, set to Request
+ handle parsedRemoteAddr, set to Request
+ handle parsedRemoteHost, set to Request, and fix of NPE incase no RemoteHost is set
+ handle parsedServerName, set to Request
+ handle parsedServerPort, set to Request

Show

Leopoldo Agdeppa III added a comment - 14/Dec/06 5:23 AM Fixed and tested, added error checking for NPE Jetty-197 Fixed AJP13Reqeust + Lazy Accessor of getRemoteHost, getRemoteAddr, getRemotePort AJP13Connection + handle parsedRemoteHost, set to Request + handle parsedRemoteAddr, set to Request + handle parsedRemoteHost, set to Request, and fix of NPE incase no RemoteHost is set + handle parsedServerName, set to Request + handle parsedServerPort, set to Request

Hide

Permalink

Leopoldo Agdeppa III added a comment - 14/Dec/06 5:40 AM

fix patch

Show

Leopoldo Agdeppa III added a comment - 14/Dec/06 5:40 AM fix patch

Hide

Permalink

Leopoldo Agdeppa III added a comment - 19/Dec/06 5:45 AM

Fixed

Show

Leopoldo Agdeppa III added a comment - 19/Dec/06 5:45 AM Fixed

Hide

Permalink

Russell Howe added a comment - 29/Dec/06 4:48 AM

Using current svn trunk, getRemoteHost() still returns the address of the Apache front-end server instead of the original client request's source address.

How can I help debug this one? It might be of use to know that in the AJP traces I'm seeing (e.g. the one I attached to ~~JETTY-195~~), it looks like mod_jk is setting the remote_address ajp request header, but not the remote_host one.

Reverse engineering the trace on ~~JETTY-195~~ as an example, it appears that the request headers are structured as so:

0x02 (JK_AJP13_FORWARD_REQUEST)
0x02 (method = GET)

{list of strings}

where {list of strings}

{length}

{string}

0x0
or
0xff 0xff when the header has no value

So, looking at the 4th packet in the trace, we have

0x02 0x02
(AJP FORWARD of a GET)
0x00 0x08 "HTTP/1.1" 0x00
(8 byte string & null terminator) (protocol - Version in wireshark)
0x00 0x1f "/client_services/casesearch.jsp" 0x00
(31 byte string & null) (req_uri - URI in wireshark)
0x00 0x0d "192.168.4.180" 0x00
(13 byte string & null) (remote_addr - RADDR in wireshark)
0xff 0xff
(blank entry?) (remote_host - RHOST in wireshark)
0x00 0x10 "www.wreckage.org" 0x00
(16 byte string & null) (server_name - SRV in wireshark)
... and it continues

Show

Russell Howe added a comment - 29/Dec/06 4:48 AM Using current svn trunk, getRemoteHost() still returns the address of the Apache front-end server instead of the original client request's source address. How can I help debug this one? It might be of use to know that in the AJP traces I'm seeing (e.g. the one I attached to JETTY-195 ), it looks like mod_jk is setting the remote_address ajp request header, but not the remote_host one. Reverse engineering the trace on JETTY-195 as an example, it appears that the request headers are structured as so: 0x02 (JK_AJP13_FORWARD_REQUEST) 0x02 (method = GET) {list of strings} where {list of strings} is {length} {string} 0x0 or 0xff 0xff when the header has no value So, looking at the 4th packet in the trace, we have 0x02 0x02 (AJP FORWARD of a GET) 0x00 0x08 "HTTP/1.1" 0x00 (8 byte string & null terminator) (protocol - Version in wireshark) 0x00 0x1f "/client_services/casesearch.jsp" 0x00 (31 byte string & null) (req_uri - URI in wireshark) 0x00 0x0d "192.168.4.180" 0x00 (13 byte string & null) (remote_addr - RADDR in wireshark) 0xff 0xff (blank entry?) (remote_host - RHOST in wireshark) 0x00 0x10 "www.wreckage.org" 0x00 (16 byte string & null) (server_name - SRV in wireshark) ... and it continues

Hide

Permalink

Greg Wilkins added a comment - 29/Dec/06 3:27 PM

Fixed this by returning the addr if the host is not set and the host if the addr is not set

Show

Greg Wilkins added a comment - 29/Dec/06 3:27 PM Fixed this by returning the addr if the host is not set and the host if the addr is not set

People

Assignee:

Leopoldo Agdeppa III

Reporter:

Russell Howe

Vote (0)

Watch (0)

Dates

Created:

11/Dec/06 3:05 AM

Updated:

29/Dec/06 3:27 PM

Resolved:

19/Dec/06 5:45 AM