I can't say for Couch, but Apache doesn't change the request bodies
when proxying. So if you're proxying an application which doesn't know
how to link to things and include the proxy prefix (/couch or
whatever), it won't work right. When I proxy web applications, I
always end up having to use something like mod_proxy_html to rewrite
content in the page. Obviously this won't work for you, so you might
have to change the internal JavaScript library to take your prefix
into account.
Couch has permissions though I thought. Wouldn't that route be easier?
On Oct 27, 2010, at 8:34 AM, "Kevin R. Coombes" <kevin.r.coombes@gmail.com
> wrote:
> Hi,
>
> For security reasons, our administrators want to put couchdb behind
> an Apache proxy. The setup right now basically provides an
> externally visible URL of the form
> http://proxymachine/couch/myapp
> which maps to the internal URL
> http://couchmachine/myapp
>
> Part of the security point is that the proxy only allows GET
> requests, while people behind the firewall can send PUT, POST, or
> DELETE to the internal machine. The extra "couch" path component
> was inserted on the proxy because it also works as a server for a
> variety of different applications with different stuff going on
> behind the firewall.
>
> The problem, of course, is that the current configuration fails. My
> application relies on the "couch.js" script via a call like
> db = CouchDB("myapp")
> which results in internal references that look like
> /myapp/_design/basic/_view/whatever
> These end up returning a "404 Not Found" error because the proxy
> machine tries to access
> http://proxymachine/myapp/_design/basic/_view/whatever
> Since the "couch" path component is missing, the proxy server does
> not rewrite the call, and so the request fails.
>
> Is there a way to fix this so that the same javascript will run on
> both the proxy server and the internal server?
>
> Thanks for any advice,
> Kevin
|