[DOCS-12384] [OM] Missing Information in Load Balancer Remote IP Header Specification Created: 22/Jan/19 Updated: 29/Oct/23 Resolved: 15/Feb/19 |
|
| Status: | Closed |
| Project: | Documentation |
| Component/s: | Ops Manager |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Doc API | Priority: | Minor - P4 |
| Reporter: | Savanna Endicott (Inactive) | Assignee: | Anthony Sansone (Inactive) |
| Resolution: | Fixed | Votes: | 1 |
| Labels: | None | ||
| Σ Remaining Estimate: | Not Specified | Remaining Estimate: | Not Specified |
| Σ Time Spent: | Not Specified | Time Spent: | Not Specified |
| Σ Original Estimate: | Not Specified | Original Estimate: | Not Specified |
| Sub-Tasks: |
|
||||||||||
| Participants: | |||||||||||
| Days since reply: | 4 years, 51 weeks, 6 days ago | ||||||||||
| Epic Link: | DOCSP-3421 |
| Description |
|
There is information missing from the sections describing purpose of mms.remoteIp.header configuration file setting (Ops Manager configuration). These sections are Load Balancer Remote IP Header and Multiple Ops Manager Application Servers. Both sections need to state that in addition to identifying the originating client's IP address, mms.remoteIp.header configuration also enables use of X-Forwarded-Proto header which is used to propagate the correct protocol in the case of redirects (http or https). If the requests to OM behind a load balancer have this X-Forwarded-Proto header, the requests will redirect to pages using desired protocol if (and only if) this mms.remoteIp.header is configured. |
| Comments |
| Comment by Githook User [ 15/Feb/19 ] |
|
Author: {'name': 'Anthony Sansone', 'email': 'tony.sansone@mongodb.com', 'username': 'atsansone'}Message: ( |
| Comment by Githook User [ 15/Feb/19 ] |
|
Author: {'name': 'Anthony Sansone', 'email': 'tony.sansone@mongodb.com', 'username': 'atsansone'}Message: ( |
| Comment by Anton Lisovenko (Inactive) [ 13/Feb/19 ] |
|
tony.sansone these are the headers supported by Jetty class ForwardedRequestCustomizer which handles these headers. Although the javadoc for the class references this standard as well, I see that the two headers that you mentioned are not there. I personally don't see harm mentioning them as we really support them and I see mentions of these headers in the Internet - so may be someone uses them. We shouldn't mention X-Forwarded-For as our code overrides this header in https://github.com/10gen/mms/blob/2165968ebc997d8cffc2b5efe77f1e12bcd3fb96/server/src/main/com/xgen/svc/core/ServerMain.java#L307. So this means that if the user sets mms.remoteIp.header = X-Forwarded-For then this header will work. But if they set mms.remoteIp.header = some-my-forwarded-header then the OM will read the header with this name, but not the X-Forwarded-For |
| Comment by Savanna Endicott (Inactive) [ 12/Feb/19 ] |
|
anton.lisovenko tony.sansone I would remove X-Proxied-Https, and add X-Forwarded-For |
| Comment by Anthony Sansone (Inactive) [ 08/Feb/19 ] |
|
anton.lisovenko: Where are you getting X-Forwarded-Server and X-Proxied-Https? The others are covered in RFC7239 (https://tools.ietf.org/html/rfc7239#section-5.3 and https://tools.ietf.org/html/rfc7239#section-5.4). I have no way of knowing what those headers do definitively. |
| Comment by Anton Lisovenko (Inactive) [ 22/Jan/19 ] |
|
Just a couple of more details: The full list of headers that are automatically handled by Ops Manager in case mms.remoteIp.header is not empty: * X-Forwarded-Host * X-Forwarded-Server * X-Forwarded-Proto * X-Proxied-Https
|