The extractRemoteIp() method in MainResource looks at the request headers to figure out as best as possible where the request actually originated from. It works well in the INFO command, but it could be useful in other places. One example would be in the ErrorResource where we put the remote IP in the log but without teasing out the actual IP, so we just get the IP of the Docker container there.

It would be nice to pull this method out into some kind of utility class that could be used in both places, so that we can start to log more thoroughly when remote web browsers touch the game. Doing so would help a lot in identifying and debugging authentication problems.