Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
Received-SPF: pass (nike.apache.org: domain of Ruiyuan_Jiang@liz.com
 designates 156.146.1.180 as permitted sender)
DomainKey-Signature: s=mail; d=liz.com; c=nofws; q=dns;
  h=Received:From:To:Date:Subject:Thread-Topic:Thread-Index:
   Message-ID:References:In-Reply-To:Accept-Language:
   Content-Language:X-MS-Has-Attach:X-MS-TNEF-Correlator:
   acceptlanguage:Content-Type:MIME-Version:
   Content-Transfer-Encoding;
  b=o/7x64lgGASPo/Fyp42/wpzA6/zKq65vNhXHHeJ5r+JWZRbCEQALtFVy
   UQdMb2fE7NlKDp+ZKvzpsMBXhlaZ4hjQ8jCAMwIC4Cz54LAOTsGOTtzJJ
   h+GiUPk8LtMvZc4;
From: Ruiyuan Jiang <Ruiyuan_Jiang@liz.com>
To: "users@httpd.apache.org" <users@httpd.apache.org>
Date: Tue, 1 Dec 2009 10:23:59 -0500
Thread-Topic: [users@httpd] Passing remote client IP address to backend
 server and session stickness
Thread-Index: AcpyLAYoIwdIJMM/SlqzqJlBKEDC5wAbPqpA
Message-ID: <FBCF1B116B45A3408BD3FA651E2B8336023E23D5DD@USANBREX01.ds.liz.com>
References: <FBCF1B116B45A3408BD3FA651E2B8336023E23D49C@USANBREX01.ds.liz.com>
 <4B147BE9.7060009@rowe-clan.net>
In-Reply-To: <4B147BE9.7060009@rowe-clan.net>
Accept-Language: en-US
Content-Language: en-US
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Subject: RE: [users@httpd] Passing remote client IP address to backend
 server and session stickness

Hi, William

For your answer to my question 1, current I use BlueCoat reverse proxy whic=
h is passing internet remote client IP to the backend server. We'd like to =
migrate the reverse proxy server to Apache server. The rest network setup h=
as not been changed.=20

For your answer to my question2, it is my fault that I did not post all the=
 related statements. Here they are:

<Proxy balancer://backend>
   BalancerMember https://backend1:443 keepalive=3Don
   BalancerMember https://backend2:443 keepalive=3Don
 </Proxy>
 ProxyPass       /       balancer://backend/
 ProxyPassReverse        /       balancer://backend/ stickysession=3DJSESSI=
ONID|jsessionid

Like I said, the Apache does not stick the https session to one particular =
server for the session.

Ryan Jiang

-----Original Message-----
From: William A. Rowe Jr. [mailto:wrowe@rowe-clan.net]=20
Sent: Monday, November 30, 2009 9:14 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Passing remote client IP address to backend serv=
er and session stickness

I realize I just answered you, but in response to your explicit and
specific questions;

Ruiyuan Jiang wrote:
>=20
> Question 1: Is there a way to pass Internet users' IP address to backend =
server through Apache reverse proxy server? I am testing that feature so fa=
r no luck. My backend server gets Apache proxy server's IP address. But I'd=
 like to have Internet users' IP being passed through Apache. This is http =
request.

Only if this information has been shared with you by the upstream proxy
or router/gateway/forward proxy.  E.g. - what mod_remoteip is designed
to decode, ---when the information is presented---.

> Question 2: I am testing another Apache reverse proxy which proxies two b=
ackend https servers. I am trying to use mod_proxy_balancer.
>=20
> <proxy balancer://mycluster>
> 	Balancermember https://192.168.1.1:443 keepalive=3Don
> 	Balancermember https://192.168.1.2:443 keepalive=3Don
> </proxy>
>=20
> Proxypass /test balancer:mycluster/
>=20
> When I test to access the site, I got login prompt from first server whic=
h I saw from access log. I typed in login name and password. I got the logi=
n prompt back but from the log I saw the connectivity was back from server =
2. It seems to me like round robin connection to backend server by Apache. =
I tried with keyword "JSESSION" but no luck. Does anyone know how to config=
ure Apache so the same connection always goes through the same backend http=
s (http) server. Thanks in advance.

Are you forgetting your ProxyPassReverse statements?  As of the current
version, the syntax above (but wtf happened to your // before mycluster???)
would work just fine for a ProxyPassReverse rule.

> This message (including any attachments) is intended
> solely for the specific individual(s) or entity(ies) named
> above, and may contain legally privileged and
> confidential information. If you are not the intended=20
> recipient, please notify the sender immediately by=20
> replying to this message and then delete it.
> Any disclosure, copying, or distribution of this message,
> or the taking of any action based on it, by other than the
> intended recipient, is strictly prohibited.

You have emailed a public list.  Your intended individuals are the world.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


This message (including any attachments) is intended
solely for the specific individual(s) or entity(ies) named
above, and may contain legally privileged and
confidential information. If you are not the intended=20
recipient, please notify the sender immediately by=20
replying to this message and then delete it.
Any disclosure, copying, or distribution of this message,
or the taking of any action based on it, by other than the
intended recipient, is strictly prohibited.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org