httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Axel-St├ęphane SMORGRAV <Axel-Stephane.SMORG...@europe.adp.com>
Subject RE: [users@httpd] https to http proxy with Apache
Date Fri, 12 May 2006 10:00:25 GMT
I guess the response to the POST is a redirect (302) which is not rewritten by any of the ProxyPassReverse
directives. In that case the URL of the Location header probably starts with http://andy:port/
instead of https://my.reverse.proxy.com/

What you need to do is figure out exactly what the value of the Location header of the 302
response is and add a ProxyPassReverse directive that matches that URL.


Looking more closely at your configuration, I notice that you set ProxyPreserveHost On. In
that case redirects from the Tomcats would be to http://my.reverse.proxy.com/, and since there
is no ProxyPassReverse that matches, Location headers would never be adjusted. Basically,
none of the ProxyPassReverse in your configuration would ever match a Location header in a
302 response from Tomcat.

You then have two choices: either turn off ProxyPreserveHost, or change the ProxyPassReverse
accordingly. I cannot see any good reason to use ProxyPreserveHost unless your backend application
generates absolute HTTP links into HTML contents, based on the Host header.

-ascs


-----Original Message-----
From: Bo Najdrovsky [mailto:httpd@najdrovsky.com] 
Sent: Thursday, May 11, 2006 9:36 PM
To: users@httpd.apache.org
Subject: [users@httpd] https to http proxy with Apache

Hello, I have a problem I've been grappling with for the past 3 days 
without much luck so I thought I'd come to the experts.   :-)      I have 
an Apache 2.0.x server, which acts as a load balancing gateway to 
multiple Tomcat servlet containers behind it. This proxying/load 
balancing is done using the combination of mod_rewrite and mod_proxy.  
It has been working very well for traffic over normal HTTP.  I now need 
to make this work over HTTPS between the browsers and the Apache, and 
that's where I'm having the problem.   I configured the Apache server to 
listen for HTTPS requests, and they forward correctly over regular HTTP 
to the Tomcats behind it, however whenever there is an incoming POST 
from a form in the web application, the response from the Tomcat causes 
a switch to HTTP, where I need it to remain HTTPS.  Here's what the 
pertinent portion of the configuration looks like:

RewriteMap tomcats "rnd:/path/to/tomcat-workers.conf"
ProxyPreserveHost On
ProxyTimeout 8000

<Location ~ "/mywebapp">
RewriteEngine On

RewriteCond "%{HTTP_COOKIE}"      "(^};\s*)jsessionid=\w*\.(\w+)($|;)" [NC]
RewriteRule "(.*)"        "http://$(tomcats:%2)%{REQUEST_URI}" [P,L,NC]
RewriteRule "^.*;jsessionid=\w*\.(\w+)($|;)"      
"http://$(tomcats:$1)%{REQUEST_URI}" [P,L,NC]
RewriteRule "(.*)"        "http://$(tomcats:all)%{REQUEST_URI}" [P,L,NC]

ProxyPassRevese http://andy:8012/
ProxyPassRevese http://andy:8022/
ProxyPassRevese http://andy:8032/
ProxyPassRevese http://andy:8042/
</Location>

I suspect that the problem lies somewhere in the ProxyPassReverse, but 
don't know what I could to remedy it. Any suggestions would be welcome.  
Thanks,

Bo


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message