httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Saunders Jack" <jack.saund...@volvo.com>
Subject RE: [users@httpd] Exchange 2K OWA w/IE clients
Date Thu, 18 Sep 2003 19:07:01 GMT
The OWA front-end server sends (embedded) hard links, based on the OWA front-end hostname:<standard-port>,
to the end-user through the Apache/reverse proxy.
	Use the same hostname for both the public- and backend- access point. That means, if the
 public entry point has the name "owa.webmail.com" then the hostname of the OWA backend server
must be named "owa.webmail.com" as well.

·	on the OWA front-end server,
create a VirtualHost named owa.webmail.com
·	on the reverse proxy,
in the VirtualHost owa.webmail.com add the following proxy rules:
ProxyPass /owa http://owa.webmail.com/owa
ProxyPassReverse /owa http://owa.webmail.com/owa
ProxyPass /exchweb http://owa.webmail.com/exchweb
ProxyPassReverse /exchweb http://owa.webmail.com/exchweb

in /etc/hosts on the Apache/RP enter the line
yourpublicipaddress  owa.webmail.com 

The OWA environment isn't aware of SSL if that is handled by another box
	To make the OWA environment understand that another box between itself and the end-user is
doing the SSL thing, a custom HTTP-HEADER must be sent to the OWA front-end server. This way
the embedded hard links sent to the end-user will be referenced as https://... .

<LocationMatch "/(owa|exchweb)">
  RequestHeader set Front-End-Https on
</LocationMatch> 

This is how we setup our environment and it works great!  


-----Original Message-----
From: Edward Muller [mailto:edwardam@interlix.com]
Sent: Thursday, September 18, 2003 2:47 PM
To: users@httpd.apache.org
Subject: [users@httpd] Exchange 2K OWA w/IE clients


A client of ours recently (last weekend) migrated to Exchange 2K, from
Exchange 5.5.

Before the migration apache proxied Exchange 5.5's OWA just fine with a
simple rewrite rule.

After the upgrade it didn't work. So we did a little research and came
up with the following directive set that works for NON-IE clients (i.e.
it works fine with Mozilla/FireBird, Opera seems to have the same
problem as IE though regardless of Identify string):

ProxyPreserveHost On
RequestHeader set front-end-https: on
ProxyPass /exchange http://172.19.2.10/exchange
ProxyPassReverse /exchange http://172.19.2.10/exchange
ProxyPass /exchweb http://172.19.2.10/exchweb
ProxyPassReverse /exchweb http://172.19.2.10/exchweb
ProxyPass /public http://172.19.2.10/public
ProxyPassReverse /public http://172.19.2.10/public

The 172.19.2.10 IP is their exchange server sitting on a private subnet
behind the firewall.

The HTML passed to IE/Opera is different than the HTML passes to
Mozilla/Firebird. The HTML itself loads okay (with a single
authentication check), but I seem to get an authentication check for
each <img/> that is being loaded in the IE page. I took a look at the
HTML and the <img/>'s src is all withing the Proxied space so it's a
little confusing.. For instance...

One of the images is https://<webserver>/exchweb/img/tool-move.gif,
which should just be proxied without problems AFAICT.

Even if I put in the proper credentials for each img the img still
doesn't load.

Oh, and we did turn off windows integrated authentication as well.

Has anyone run into this? Does anyone know what we are doing wrong?

Thanks,


-- 
Edward Muller - http://www.interlix.com - "Open Source Specialists"
Dedicated Zope Hosting - Web Hosting - Open Source Consulting
Network & PC Service & Support - Custom Programming
Phone: 417-862-0573 - Cell: 417-844-2435 - Fax: 417-862-0572
Jabber: edwardam@jabber.interlix.com - AIM: edwardam453 - ICQ: 287033

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message