httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Franky Ronaldy <franky.rona...@gmail.com>
Subject Re: [users@httpd] Reverse Proxy Again
Date Mon, 16 Jan 2006 03:37:22 GMT
Great and thanks a lot Oliver. It's working now. I can logon to the
Netweaver through apache reverse proxy. Final configuration which I
have set in my apache :

...<snip>
ProxyRequests Off
ProxyPass /irj http://www.domain.com/irj
ProxyPassReverse /irj http://www.domain.com/irj
ProxyPass /logon http://www.domain.com/irj/logon
ProxyPassReverse /logon http://www.domain.com/irj/logon
ProxyPass /webdynpro http://www.domain.com/webdynpro
ProxyPassReverse /irj http://www.domain.com/webdynpro
ProxyPreserveHost        On
ProxyReceiveBufferSize 4096
ProxyBadHeader           Ignore
<snip>....

Rgds,
Franky

On 1/13/06, Oliver.Schaudt@unilog.de <Oliver.Schaudt@unilog.de> wrote:
> One special thing could be your "/dev" before the normal URI.
> 1. Apache acting as an reverse proxy switches the headers but not the content of the
page itself
> 2. i know that the portal is using sometimes javscript to put a URI together or is using
a redirect inside the URI
> [this shows the thing that after a logon he throws you back to "/logon/portal" and not
to "dev/logo/portal]
>
> I think it only works, if you should use ]from my last mail] the ProxyPass directives
without the "/dev", so that you have
> /irj -> /irj and not /dev/irj -> /irj.
> If you want to have production and development divided than it is better to have a virtual
host for each of them.
>
> bye
> oliver
>
> P.: I don't know but in the beginning of my work with Apache in front and SAP in the
back there was always some problems if i reweite the URI.
>
> ________________________________
>
> Von: Franky Ronaldy [mailto:franky.ronaldy@gmail.com]
> Gesendet: Fr 13.01.2006 11:01
> An: users@httpd.apache.org
> Betreff: Re: [users@httpd] Reverse Proxy Again
>
>
>
> Thank you very much Oliver for your patient and advice.
>
> By the way, I am still very puzzling why I still can't login to the
> SAP WAS behind the apache server. First I thought because of JSESSION
> cookie was not been able to set to the client browser because of using
> reverse proxy.
>
> Have you came accross the same scenario whereby you can't login to SAP
> WAS if go through apache reverse proxy server?
>
> From the data tamper log I notice after click "Log On" button, it will
> go to http://www.domain.com/logon/portal and immediately the http
> connection was closed. I did not see any abnormal situation from the
> HTTP response/request which block me to login into the SAP WAS.
>
> Thanks.
>
> Best Rgds,
> Franky
>
> On 1/13/06, Oliver.Schaudt@unilog.de <Oliver.Schaudt@unilog.de> wrote:
> > Hi Franky,
> >
> > 1. The header line with the cookie has at least 2 parts with the SAP WAS
> >Cookie=saplb_*=(J2EE184141100)184141150; JSESSIONID=(J2EE184141100)ID184141150DB10457613221413343070End
> > Is it possibly that your javascript shows you only the information till the first
semicolon ";" ?
> >
> > I have in my config thes 3 Parameters too
> > ProxyPreserveHost        On
> > ProxyReceiveBufferSize 4096
> > ProxyBadHeader           Ignore
> >
> > The only thing is that i began to use an Apache 2 in front of SAP Web AS with version
2.0.53, but even with an 1.3.26 the JSESSIONID wasn't a problem.
> >
> > If it is still a problem, can you check, waht you reserve from Tomcat with any from
the follwing tools.
> >
> > iehttpheaders http://www.blunck.info/iehttpheaders.html
> > Livehttpheaders http://livehttpheaders.mozdev.org/ <http://livehttpheaders.mozdev.org/>
> > Tamper Data  https://addons.mozilla.org/extensions/moreinfo.php?id=966<https://webmail.unilog.de/exchweb/bin/redir.asp?URL=https://addons.mozilla.org/extensions/moreinfo.php?id=966>
> > With Tamper Data you can track every Request and Response
> >
> >
> > 2. The stickysesssion=JSESSIONID ist only useful and kown by the config when you
are using mod_proxy_balancer [only in 2.2.0]to access more than 1 server in the back.
> >
> >
> > ________________________________
> >
> > Von: Franky Ronaldy [mailto:franky.ronaldy@gmail.com]
> > Gesendet: Fr 13.01.2006 03:56
> > An: users@httpd.apache.org
> > Betreff: Re: [users@httpd] Reverse Proxy Again
> >
> >
> >
> > I have created the simple javascript program to check the cookie which
> > being set by the SAP. And I notice that SAP Netweaver set cookie into
> > my browser :
> >
> > saplb_*,(J2EE2350500)2350550 PortalAlias,portal
> > JSESSIONID,(J2EE2350500)ID2350550DB11007797051053951047End
> >
> > But if I access it through reverse proxy, my cookie is only:
> >
> > saplb_*,(J2EE2350500)2350550 PortalAlias,portal
> >
> > Those JSESSIONID missing from the cookie.
> >
> > I have tried to change the httpd.conf file by putting:
> >
> > ProxyPass /dev/irj http://www.domain.com:50000/irj stickysession=JSESSIONID
> > ProxyPassReverse /dev/irj http://www.domain.com:50000/irj > ProxyPass
> > /dev/logon http://www.domain.com:50000/irj stickysession=JSESSIONID
> > ProxyPassReverse /dev/logon http://www.domain.com:50000/irj ProxyPass
> > /dev/webdynpro http://www.domain.com:50000/webdynpro >
> > ProxyPassReverse /dev/webdynpro http://www.domain.com:50000/webdynpro
> >
> > When I issue command ./apachectl configtest, I got error indicate that
> > ProxyPass only accept 2 parameters only.
> >
> > Any idea how to keep those JSESSIONID remain eventhough through
> > reverse proxy server? Is it a bugs for apache 2.0.46? Should I upgrade
> > to other version?
> >
> > Thanks.
> >
> > Rgds,
> > Franky
> >
> > On 1/12/06, Oliver.Schaudt@unilog.de <Oliver.Schaudt@unilog.de> wrote:
> > >
> > >
> > > Hi Franky,
> > > with a SAP Portal in the background you have to send back more
> > > [i used hier only "irj" because the next contexta in the uri
> > > which the portal wants are "portal" / "portalapps" /"go" and "servlet"
> > > .<snip>
> > > ProxyRequests Off
> > > ProxyPass        /irj http://www.domain.com:50000/irj <http://www.domain.com:50000/irj>
> > > ProxyPassReverse /irj http://www.domain.com:50000/irj <http://www.domain.com:50000/irj>
> > > ProxyPass        /logon http://www.domain.com:50000/irj <http://www.domain.com:50000/irj>
> > > ProxyPassReverse /logon http://www.domain.com:50000/irj <http://www.domain.com:50000/irj>
> > > ProxyPass        /webdynpro http://www.domain.com:50000/webdynpro <http://www.domain.com:50000/webdynpro>
> > > ProxyPassReverse /webdynpro http://www.domain.com:50000/webdynpro <http://www.domain.com:50000/webdynpro>
> > >
> > > # and because the portal sends sometimes some garbled headers
> > > # than put this directive in your config, too
> > > ProxyBadHeader         Ignore
> > > <snip>...
> > >
> > >
> > > With your "dev" inthe path than it should be
> > >
> > > ProxyPass        /dev/irj http://www.domain.com:50000/irj <http://www.domain.com:50000/irj>
> > > ProxyPassReverse /dev/irj http://www.domain.com:50000/irj <http://www.domain.com:50000/irj>
> > > ProxyPass        /dev/logon http://www.domain.com:50000/irj <http://wwwdomain.com:50000/irj>
> > > ProxyPassReverse /dev/logon http://www.domain.com:50000/irj <http://wwwdomain.com:50000/irj>
> > > ProxyPass        /dev/webdynpro http://www.domain.com:50000/webdynpro <http://www.domain.com:50000/webdynpro>
> > > ProxyPassReverse /dev/webdynpro http://www.domain.com:50000/webdynpro <http://www.domain.com:50000/webdynpro>
> > >
> > > You can easily find out what the portal sends to you if you use "tamper Data"
inside Firefox or with a little bit more work "iehtttpheaders"
> > >
> > > bye
> > >
> > > Oliver
> > > ________________________________
> > >
> > > Von: Franky Ronaldy [mailto:franky.ronaldy@gmail.com]
> > > Gesendet: Do 12.01.2006 09:32
> > > An: users@httpd.apache.org
> > > Betreff: [users@httpd] Reverse Proxy Again
> > >
> > >
> > >
> > > Hi,
> > >
> > > I am quite new for reverse proxy. I need some advice from expertise
> > > here. I have to configure apache as a reverse proxy with SAP portal at
> > > the backend. My apache run in linux ES 3 with apache version 2.0.46.
> > >
> > > I have configured httpd.conf to act as a reverse proxy as following:
> > >
> > > .<snip>
> > > ProxyRequests Off
> > > ProxyPass /dev http://www.domain.com:50000/irj/portal
> > > ProxyPassReverse /dev http://www.domain.com:50000/irj/portal
> > > <snip>...
> > >
> > > I can see the login page from http://www.domain.com:5000/irj/portal
> > > but without image, css, etc.... so I add two more lines inside
> > > httpd.conf as following
> > >
> > > .<snip>
> > > ProxyRequests Off
> > > ProxyPass /dev http://www.domain.com:50000/irj/portal
> > > ProxyPassReverse /dev http://www.domain.com:50000/irj/portal
> > > ProxyPass / http://www.domain.com:50000/irj/portal
> > > ProxyPassReverse / http://www.domain.com:50000/irj/portal
> > > LogLevel debug
> > > <snip>...
> > >
> > > After restart apache, I can see everything included all images,  css
> > > so on and so forth. But I can't login to the SAP portal.
> > >
> > > My confusion whether is there anyway I can traceroute the requests
> > > coming into apache until it comes back to apache from the backend?
> > >
> > > Eventhough I check the error log I did not find any clues why I can't
> > > login into the SAP portal at the backend.
> > >
> > > Thanks in advanced for any advice.
> > >
> > > --
> > > Regards,
> > > Franky
> > >
> > > ---------------------------------------------------------------------
> > > The official User-To-User support forum of the Apache HTTP Server Project.
> > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > >   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> > >
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > The official User-To-User support forum of the Apache HTTP Server Project.
> > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > >   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> > >
> > >
> >
> >
> > --
> > Regards,
> > Franky
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
>
>
> --
> Regards,
> Franky
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>


--
Regards,
Franky

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message