httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Axel-Stéphane SMORGRAV <>
Subject RE: [users@httpd] ProxyPassReverseCookieDomain
Date Wed, 21 Dec 2005 13:22:08 GMT
Changed name of subject back to the original one.

-----Original Message-----
From: Axel-Stéphane SMORGRAV 
Sent: Wednesday, December 21, 2005 2:16 PM
To: Frederick, Fabian
Subject: [users@httpd] RE: [apache] Session release problem

It looks like you end up in a redirect loop for some reason. Since you are using the Authorisation
header for authentication, and not a cookie, there is no reason to believe this is linked
to the ProxyPassReverseCookie* directives. The Location header correctly contains the publicserverIP,
meaning that the ProxyPassReverse does its job. 

The following HTTP requests do not look quite right though:

GET // HTTP/1.1

The first request could be a copy/paste error of yours - I hope it is. Could the second request
somehow trigger your back-end application to issue a redirect ??

I also find the location header of the HTTP 302 suspicious; to me it should contain a full
URI with method, server and path, e.g. https://publicserverIP/ rather than just publicserverIP.

Another thing. If the first argument of ProxyPass ends in a /, the second should also end
in a /:

Proxypass / http://privateserverIP/exchange/ ProxyPassReverse / http://privateserverIP/exchange/

If you search the mailing list archives you will certainly find a number of posts regarding
how to interface Exchange. If memory serves me right, somebody even wrote a little FAQ about
this particular topic a short while ago and posted it on the list.

BTW: In the future, please reply directly to the list rather than to my personal address.


-----Original Message-----
From: Frederick, Fabian []
Sent: Monday, December 19, 2005 9:43 AM
To: Axel-Stéphane SMORGRAV
Subject: [apache] Session release problem

Hi Axel-Stéphane,

Thanks for your help :) I already learned a lot in Apache thanks to your comments.
I've got this damn session problem remaining though :(

Here is complete info about it :

Configuration works on authorized site.Problem appears on authorization and more particulary
on session release :

Authorization level (box asking user/pass)

Host : public server

HTTP/1.x 401 Unauthorized
Server : Microsoft-IIS/6.0 (private server) ...
WWW-Authentificate : Basic Realm="privateserverIP"

When entering right user & pass :

It loops 10 times on the same request :

GET // HTTP/1.1
Host: publicserverIP
User-Agent: Mozilla/5.0
Accept: application/x-shockwave-flash ...
Accept-Language: fr-be,en-us;q=0.7,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1 ...
Keep-Alive: 300
Connection: keep-alive
Authorization: Basic ....
HTTP/1.x 302 Object Moved
Date: Mon, 19 Dec 2005 06:56:22 GMT
Server: Microsoft-IIS/6.0
Content-Length: 149
Content-Type: text/html
Location: publicserverIP
X-Powered-By: ASP.NET

My Configuration :
Proxypass / http://privateserverIP/exchange ProxyPassReverse / http://privateserverIP/exchange
ProxyRequests on ProxyPassReverseCookieDomain publicIP privateIP ProxyPassReverseCookiePath
/ /exchange/ (tested with/out it).

Firefox reports the following : url redirection limit overflow.Loading interrupted.This may
be relevant to blocked cookie (french translated message).

When displaying firefox stored cookies, nothing relevant appears : no cookies nor sessions
available for public or private IP servers ...

Maybe it's due to the fact I'm working with a microsoft server (the private server) ? Do you
advice me alternatives like squid reverse proxy or Microsoft one ?

Best regards,

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message