Browse Source

Adding the possibility to add X-Fowarded-For to the logs

master
Philippe Caseiro 1 year ago
parent
commit
356ebbef55
2 changed files with 12 additions and 5 deletions
  1. 8
    5
      dicos/70_shibboleth_sp.xml
  2. 4
    0
      tmpl/apache-shib.conf

+ 8
- 5
dicos/70_shibboleth_sp.xml View File

@@ -74,15 +74,18 @@
74 74
             <variable name='apacheTimeout' type='string' description='Durée de vie des requêtes traitées par Apache (Timeout en s)'>
75 75
                    <value>300</value>
76 76
             </variable>
77
-			<variable name='enableKeepAlive' type='oui/non' description='Activer le KeepAlive (maintenir les threads en vie)'>
78
-				<value>oui</value>
79
-			</variable>
77
+            <variable name='enableKeepAlive' type='oui/non' description='Activer le KeepAlive (maintenir les threads en vie)'>
78
+                <value>oui</value>
79
+            </variable>
80 80
             <variable name='apacheMaxKeepAliveRequests' type='string' description='Nombre maximum de requêtes keep alive' >
81 81
                    <value>100</value>
82 82
             </variable>
83 83
             <variable name='apacheKeepAliveTimeout' type='string' description='Durée de requête keep alive'>
84 84
                    <value>15</value>
85 85
             </variable>
86
+            <variable name="logXForwaredFor" type='oui/non' description="Ecrire la valeur de X-Forwared-For dans les logs ?">
87
+                <value>oui</value>
88
+            </variable>
86 89
         </family>
87 90
         <separators>
88 91
             <separator name='idpEntityID'>Fournisseur d'identitée</separator>
@@ -112,8 +115,8 @@
112 115
         </condition>
113 116
         <condition name='disabled_if_in' source='enableKeepAlive'>
114 117
             <param>non</param>
115
-			<target type='variable'>apacheMaxKeepAliveRequests</target>
116
-			<target type='variable'>apacheKeepAliveTimeout</target>
118
+            <target type='variable'>apacheMaxKeepAliveRequests</target>
119
+            <target type='variable'>apacheKeepAliveTimeout</target>
117 120
         </condition>
118 121
         <group master="federationPartner">
119 122
             <slave>metadataDownload</slave>

+ 4
- 0
tmpl/apache-shib.conf View File

@@ -12,6 +12,10 @@
12 12
 #
13 13
 LoadModule mod_shib /usr/lib64/shibboleth/mod_shib_24.so
14 14
 
15
+%if %%getVar('logXForwaredFor') == "oui"
16
+LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
17
+%end if
18
+
15 19
 #
16 20
 # Turn this on to support "require valid-user" rules from other
17 21
 # mod_authn_* modules, and use "require shib-session" for anonymous

Loading…
Cancel
Save