|
/
Zope
/
Apsis
/
Pound Mailing List
/
Archive
/
2004
/
2004-07
/
zope (2.7), pound (current) and Z2 log
[
Re: Understanding how SSL is handled / Jonathan ... ]
[
New -current / Robert Segall ... ]
zope (2.7), pound (current) and Z2 log
Sascha Ottolski <sascha.ottolski(at)gallileus.de> |
2004-07-05 11:49:38 |
[ FULL ]
|
Hi,
I've seen the question before, but couldn't find an answer. Is there a
way to let pound not modify the information where the request
originally came from? With the standard setup, zope thinks every
request origninats from the pound server, which is not very
informative.
Thanks, Sascha
[...]
|
|
|
Re: zope (2.7), pound (current) and Z2 log
Hrvoje Husic <pound(at)cgn.toonster.de> |
2004-07-05 12:50:31 |
[ FULL ]
|
Sascha Ottolski schrieb am Montag, 5. Juli 2004:
[...]
You have to log the "X-Forwarded-For" Header.
You should also add a
HeadRemove "(X-Forwarded-For|X-SSL-Connect)"
to your pound.cfg to aviod spoofing the header by others.
[...]
|
|
|
Re: zope (2.7), pound (current) and Z2 log
Sascha Ottolski <sascha.ottolski(at)gallileus.de> |
2004-07-05 20:27:54 |
[ FULL ]
|
Am Montag, 5. Juli 2004 11:49 schrieb Sascha Ottolski:[...]
Sorry responding to my self, but I think I found a dirty, but working
solution. For those interested, I attach a simple patch, which adds one
line, and changes another. The patch is against the current Zope-2.7
cvs, but should apply to the official release as well.
To make it work, you need to set "trusted-proxy" in your zope.conf to
the address of pound. The client's address is then extracted out of the
X-Forwarded-For header.
Cheers,
Sascha
[...]
|
|
|
|
