[DOCS-12384] [OM] Missing Information in Load Balancer Remote IP Header Specification Created: 22/Jan/19  Updated: 29/Oct/23  Resolved: 15/Feb/19

Status: Closed
Project: Documentation
Component/s: Ops Manager
Affects Version/s: None
Fix Version/s: None

Type: Doc API Priority: Minor - P4
Reporter: Savanna Endicott (Inactive) Assignee: Anthony Sansone (Inactive)
Resolution: Fixed Votes: 1
Labels: None
Σ Remaining Estimate: Not Specified Remaining Estimate: Not Specified
Σ Time Spent: Not Specified Time Spent: Not Specified
Σ Original Estimate: Not Specified Original Estimate: Not Specified

Sub-Tasks:
Key
Summary
Type
Status
Assignee
DOCS-12478 Backport DOCS-12384 to v4.0 Backport Sub-Task Closed Anthony Sansone  
Participants:
Days since reply: 4 years, 51 weeks, 6 days ago
Epic Link: DOCSP-3421

 Description   

There is information missing from the sections describing purpose of mms.remoteIp.header configuration file setting (Ops Manager configuration). These sections are Load Balancer Remote IP Header and Multiple Ops Manager Application Servers. Both sections need to state that in addition to identifying the originating client's IP address, mms.remoteIp.header configuration also enables use of X-Forwarded-Proto header which is used to propagate the correct protocol in the case of redirects (http or https). If the requests to OM behind a load balancer have this X-Forwarded-Proto header, the requests will redirect to pages using desired protocol if (and only if) this mms.remoteIp.header is configured. 



 Comments   
Comment by Githook User [ 15/Feb/19 ]

Author:

{'name': 'Anthony Sansone', 'email': 'tony.sansone@mongodb.com', 'username': 'atsansone'}

Message: (DOCS-12478): Backport DOCS-12384 to v4.0
Branch: v4.0
https://github.com/10gen/mms-docs/commit/b2d43000a91092be287ee20331af9605d1b5f5d4

Comment by Githook User [ 15/Feb/19 ]

Author:

{'name': 'Anthony Sansone', 'email': 'tony.sansone@mongodb.com', 'username': 'atsansone'}

Message: (DOCS-12384): Updated HTTP header information.
Branch: master
https://github.com/10gen/mms-docs/commit/81e380cdba845886a8eef5289365144b2c2b11fd

Comment by Anton Lisovenko (Inactive) [ 13/Feb/19 ]

tony.sansone these are the headers supported by Jetty class ForwardedRequestCustomizer which handles these headers. Although the javadoc for the class references this standard as well, I see that the two headers that you mentioned are not there. I personally don't see harm mentioning them as we really support them and I see mentions of these headers in the Internet - so may be someone uses them. We shouldn't mention X-Forwarded-For as our code overrides this header in https://github.com/10gen/mms/blob/2165968ebc997d8cffc2b5efe77f1e12bcd3fb96/server/src/main/com/xgen/svc/core/ServerMain.java#L307. So this means that if the user sets mms.remoteIp.header = X-Forwarded-For then this header will work. But if they set mms.remoteIp.header = some-my-forwarded-header then the OM will read the header with this name, but not the X-Forwarded-For

Comment by Savanna Endicott (Inactive) [ 12/Feb/19 ]

anton.lisovenko tony.sansone I would remove X-Proxied-Https, and add X-Forwarded-For

Comment by Anthony Sansone (Inactive) [ 08/Feb/19 ]

anton.lisovenko: Where are you getting X-Forwarded-Server and X-Proxied-Https? The others are covered in RFC7239 (https://tools.ietf.org/html/rfc7239#section-5.3 and https://tools.ietf.org/html/rfc7239#section-5.4). I have no way of knowing what those headers do definitively. 

Comment by Anton Lisovenko (Inactive) [ 22/Jan/19 ]

Just a couple of more details:

The full list of headers that are automatically handled by Ops Manager in case mms.remoteIp.header is not empty:

* X-Forwarded-Host

* X-Forwarded-Server

* X-Forwarded-Proto

* X-Proxied-Https

 

Generated at Thu Feb 08 08:05:07 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.