HTTP Proxy with source IP on Tomcat

Run into a situation recently where proxying applications with nginx has masked the source IP - which normally is just annoying, but with Atlassian’s Crowd it’s more of a problem, this can be solved in later versions (Tomcat 6.0.32+) as follows: <Valve className="org.apache.catalina.valves.RemoteIpValve" internalProxies="proxy_IP_address" remoteIpHeader="x-forwarded-for" remoteIpProxiesHeader="x-forwarded-by" protocolHeader="x-forwarded-proto" /> <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access." suffix=".log" pattern="combined" resolveHosts="false" /> The following should be used within nginx to forward that data into tomcat.

NON-FREE APT REPOSITORIES Install openssh package if not already installed # apt-get install openssh-server Add the following to /etc/apt/sources.list: deb unstable main non-free deb etch main contrib non-free # apt-get update Install Async IO library for Oracle # apt-get install libaio Install optional extras for converting the JVM to a .deb # apt-get install build-essential fakeroot java-package # download sun binary JDK Create the ”deb” package: