Tomcat RemoteIpValve as a Nuxeo 5.x Reverse Proxy solution
Tomcat RemoteIpValve would be convenient to use to solve Nuxeo 5.x WebDAV & CMIS Reverse Proxy issues. It might also eliminate the need for the custom nuxeo-virtual-host request header property in the web application.
Unfortunately, RemoteIpValve is only available in Tomcat 6.0.21+ and Nuxeo 5.5 bundles Tomcat 6.0.20. Any plans to upgrade the bundled Tomcat version in the future? Also, any plans to officially support/document RemoteIpValve as a reverse proxy solution?
We'll update to Tomcat 6.0.35 if no problems are encountered. And maybe even Tomcat 7.0.26 but this would probably imply some small code changes so is less certain. NXP-9131.
Note that you can probably upgrade Tomcat yourself, there aren'y many places where Nuxeo changes it (some XML and some libs, and the ROOT context for WSS). There's a forum or answers.nuxeo.com question somewhere where we described the changes made to a regular Tomcat during install… Or do a diff with a stock 6.0.20 to be sure.
The RemoteIpValve class has a useful debug-level logging statement that I would like to include in the logs. However, updating the $NUXEO_HOME/lib/log4j.xml does not seem to enable debug-level logging for classes within the org.apache.catalina package. (see question http://answers.nuxeo.com/questions/2111/how-do-i-enable-debug-logging-for-category-orgapachecatalina-in-the-tomcat-distribution).