We're updating the issue view to help you get more done. 

Logging filter ignores X-Forwarded-For request header

Description

The logging filter does not check for the X-Forwarded-For request header when logging the client address. This causes the logging filter to log the address of the proxy server when deploying GeoServer in a WildFly application server and using a proxy. Several GeoServer extensions that use the client address (Control Flow, GeoFence and Monitoring) all use nearly identical code to extract the first address in the X-Forwarded-For header if it is present.

Environment

None

Status

Assignee

Unassigned

Reporter

Steve Ikeoka

Triage

None

Fix versions

Affects versions

2.11.2
2.12-RC1

Components

Priority

Medium