2 Replies Latest reply on Jan 10, 2008 10:14 PM by Ragav Gomatam

    Capturing client IP address

    Umakanth Srinivasan Newbie

      How do I capture the IP of the client which is attempting to login? I browsed some resources on net and found JBAS 1486.

      But its not clear about how to do the configuration. I am using JAVA client to connect to my JBOSS server, during the login process I would like to print the client IP in log file.

      I thought it must be simple to get the info in login() method of my custom implementation of UsernamePasswordLoginModule class, but it does not seem so.

      JBOSS Version: 4.0.5.GA

      Any help would be appreciated

      P.S> I also refferred http://www.javaworld.com/javaworld/jw-09-2002/jw-0913-jaas.html?page=4 where they are speaking about HttpServletRequest. Which I think wont help me in this scenario

        • 1. Re: Capturing client IP address
          Umakanth Srinivasan Newbie

          Still searching for a answer. Am I doing anything terribly wrong????

          • 2. Re: Capturing client IP address
            Ragav Gomatam Novice

            One answer would be writing a Tomcat Valve that intercepts every HttpRequest before it make it to the container. This valve would intercept the request before your login module. I have given an example implementation. Package this in tomcat.sar , & check out how to configure this in jboss & you are set to go. Should not be too difficult

            package test.tomcat;
            
            import java.io.IOException;
            import java.util.ArrayList;
            import java.util.List;
            import java.util.StringTokenizer;
            
            import javax.servlet.ServletException;
            import javax.servlet.http.HttpServletRequest;
            
            import org.apache.catalina.*;
            
            /**
             * The Tomcat valve that transfers credentials into a Principal object,
             * to provide seamless integration between Jaas and the J2EE security model.
             */
            
            public class MyValve implements Valve {
            
             public String getInfo() {
             return null;
             }
            
            
             /**
             * Looks for the Http headers in the originating request and creates a
             * Principal representing these if they exist.
             */
            
             public void invoke(Request request, Response response, ValveContext valveContext)
             throws IOException, ServletException {
            
             // Ha ! Ha !...Got the request before it makes it to Login Module...
            
             HttpRequest httpRequest = (HttpRequest)request;
             HttpServletRequest httpServletRequest = (HttpServletRequest)request.getRequest();
             List roles = new ArrayList();
             String username = (String)httpServletRequest.getHeader("myHeader");
             String rolesAsString = (String)httpServletRequest.getHeader("myList");
            
             StringTokenizer tok = new StringTokenizer(rolesAsString, ",");
             while (tok.hasMoreTokens()) {
             String token = tok.nextToken().trim();
             roles.add(token);
             }
            
             httpRequest.setUserPrincipal(new MyPrincipal(
             httpRequest.getContext().getRealm(), username, roles));
            
             // now execute all other valves
             valveContext.invokeNext(request, response);
             }
            
            }