client ip is not found in the security audit logs while connecting to port enabled using mod_proxy
security audit logs: “The user logged in successfully to the admin console from address 0:0:0:0:0:0:0:1”
but the client IP is captured in access_logs.
/var/log/httpd/access_log: "(null), 192.168.2.192 192.168.2.192 - - [26/Oct/2023:15:24:57 +0530] “GET /audit-policy.jsp HTTP/1.1” 200 26118 “http://192.168.2.118:8009/profile-settings.jsp” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/22.214.171.124 Safari/537.36” "
Is your reverse proxy setting the ‘X-Forwarded-For’ headers?
You may need to enable the Openfire system property
adminConsole.forwarded.enabled to parse these headers.
Yes the reverse proxy set with ‘X-Forwarded-For’ headers
adminConsole.forwarded.enabled property is set ti Enable as well
You might have uncovered a bug in Openfire. I have recorded this in a new bug report: [OF-2700] - Ignite Realtime Jira
This issue is likely fixed in the next release of Openfire. Can you please test Openfire 4.8.0 beta to see if the problem is resolved for you with that version?