Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "Tomcat Users List" <users@tomcat.apache.org>
Received-SPF: pass (athena.apache.org: local policy includes SPF record at
 spf.trusted-forwarder.org)
Message-ID: <5274227D.9030607@christopherschultz.net>
Date: Fri, 01 Nov 2013 17:51:57 -0400
From: Christopher Schultz <chris@christopherschultz.net>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9;
 rv:24.0) Gecko/20100101 Thunderbird/24.1.0
MIME-Version: 1.0
To: Tomcat Users List <users@tomcat.apache.org>
Subject: Re: Multi-URL Access 1 Webapp
References: <1943512527.18194.1379102725857.JavaMail.root@electrichendrix.com>
 <5267E74D.5030008@christopherschultz.net>
 <1392742335.150776.1382544360130.JavaMail.root@electrichendrix.com>
 <52680E93.4060800@christopherschultz.net>
 <1840147813.78648.1383243416757.JavaMail.root@electrichendrix.com>
 <C2DA492BBE9AD2489583E1F6C10E92E507BA4463FD@USEXCMS1.dunnhumby.co.uk>
 <774947895.78871.1383247854986.JavaMail.root@electrichendrix.com>
 <52738468.60404@internetallee.de>
 <1831730835.84840.1383326180741.JavaMail.root@electrichendrix.com>
In-Reply-To: 
 <1831730835.84840.1383326180741.JavaMail.root@electrichendrix.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Chris,

On 11/1/13, 1:16 PM, Chris Arnold wrote:
> Am 31.10.2013 20:30, schrieb Chris Arnold:
>>> mod_rewrite is what's adding the extra /share/ RewriteRule
>>> ^/(.*) https://192.168.123.3:8443/share/$1 [P] should be
>>> something like either: RewriteRule ^/(.*)
>>> https://192.168.123.3:8443/$1 [P]
>> This takes me to the tomcat home page, /
> If you want to be redirected to /share when the user typed /, you
> could add a rewrite rule like RewriteRule ^/$ /share [R,L] This
> will match only on "/".
>> 
>>> or: RewriteRule ^/share/(.*)
>>> https://192.168.123.3:8443/share/$1 [P]
>> This one gives me a 403 access denied
> 
> Here is a response from the apache list: <snip> what is happening
> is when you go to https://share.example.com, Tomcat tries to
> redirect you to /xxx/xxx/ If you go directly to
> https://share.example.com/2ndpage/ then you get the login form, but
> none of the resources (images, css) that should go along with it. 
> (I do not know why proxy is not working directly to the root, it
> would probably be a lot of trouble to investigate.)
> 
> In general, that is the point of ProxyPassReverse: to catch this
> type of response and rewrite it. We did not look at that much, but
> it could potentially solve the problem. I suspect it would need to
> be something like (one or both, depending on exactly what is
> happening) ProxyPassReverse / https://192.168.123.3:8443/xxx/ 
> ProxyPassReverse / https://share.example.com/xxx/
> 
> Another option is to look for a setting in Tomcat that would remove
> /xxx. I don't know anything about alfresco, so I am not sure where
> to start with that.
> 
> A third option might be to use mod_jk instead of Proxy, but I don't
> know exactly how to do that either. </snip>
> 
> So i was not able to get any of those to work. So i moved to the
> third option, mod_jk. It is loaded. I make the changes in my
> vhost: #This rewrites https://share.anydomain.tld to our share
> server RewriteEngine On RewriteCond %{HTTP_HOST} ^share\. 
> RewriteCond %{HTTPS} on RewriteRule ^/(.*)
> ajp://192.168.123.3:8443/share/$1 [P]

The above is not using mod_jk. If you are using mod_jk, then you are
either using the "JkMount" directive, or the "SetHandler jk"
directive. Anything else is using mod_proxy_(http|ajp).

> This gives internal server error 500 when going to
> https://share.example.com. Here are the apache logs:
> 
> Fri Nov 01 12:49:32 2013] [notice] Apache/2.2.12 (Linux/SUSE)
> mod_ssl/2.2.12 OpenSSL/0.9.8j-fips mod_jk/1.2.26 PHP/5.2.14 with
> Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0 configured -- resuming
> normal operations [Fri Nov 01 12:49:41 2013] [warn] proxy: No
> protocol handler was valid for the URL /. If you are using a DSO
> version of mod_proxy, make sure the proxy submodules are included
> in the configuration using LoadModule. [Fri Nov 01 12:49:41 2013]
> [warn] proxy: No protocol handler was valid for the URL
> /error/HTTP_INTERNAL_SERVER_ERROR.html.var. If you are using a DSO
> version of mod_proxy, make sure the proxy submodules are included
> in the configuration using LoadModule. [Fri Nov 01 12:50:07 2013]
> [warn] proxy: No protocol handler was valid for the URL
> /share/page/. If you are using a DSO version of mod_proxy, make
> sure the proxy submodules are included in the configuration using
> LoadModule. [Fri Nov 01 12:50:07 2013] [warn] proxy: No protocol
> handler was valid for the URL
> /error/HTTP_INTERNAL_SERVER_ERROR.html.var. If you are using a DSO
> version of mod_proxy, make sure the proxy submodules are included
> in the configuration using LoadModule. [Fri Nov 01 12:50:07 2013]
> [warn] proxy: No protocol handler was valid for the URL
> /favicon.ico. If you are using a DSO version of mod_proxy, make
> sure the proxy submodules are included in the configuration using
> LoadModule. [Fri Nov 01 12:50:07 2013] [warn] proxy: No protocol
> handler was valid for the URL
> /error/HTTP_INTERNAL_SERVER_ERROR.html.var. If you are using a DSO
> version of mod_proxy, make sure the proxy submodules are included
> in the configuration using LoadModule. [Fri Nov 01 12:50:07 2013]
> [warn] proxy: No protocol handler was valid for the URL
> /favicon.ico. If you are using a DSO version of mod_proxy, make
> sure the proxy submodules are included in the configuration using
> LoadModule. [Fri Nov 01 12:50:07 2013] [warn] proxy: No protocol
> handler was valid for the URL
> /error/HTTP_INTERNAL_SERVER_ERROR.html.var. If you are using a DSO
> version of mod_proxy, make sure the proxy submodules are included
> in the configuration using LoadModule

... or not using anything at all. Only mod_proxy_ajp understands
ajp:// URLs.

> How can i get users to type in http://share.example.com and this
> land on https://share.example.com/xxx/xxx?
<VirtualHost ...>
   ServerName share.example.com
   RedirectPermanent / https://share.example.com/xxx/xxx?
</VirtualHost>

?

Honestly, I don't know why you don't just use a redirect instead of
trying to modify requests in-flight. Redirects are easy and set
everything up for the user with a single request/response without
having to do all kinds of backflips.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJSdCJ9AAoJEBzwKT+lPKRYBd8QAKnEaoo0h6zV7N5tGSRGlEI9
EozedC5YCnUDKx6PqR7uNUaVTY9lGIwsXSeseI0uUqNzG7OVgMJkwNZcnqEEUvpQ
6e2zQpuf1prc6sUWvISWGmydd3NzoTZilPkGMigGQc94B+KPACZdIb8rTyVZ9wl7
OSHahwlK4YPH2xzrJbDCa8j6gFxqgTUQdZhMSH+TAGkCNNw/js/zQptFGxj96CjI
+JsO16nk4O7EhGbVWtMT98p9BhM6gSwiM9JJO9tPqgOjCDUbTvmMbrhyUyJtI+dH
EKXvmEthXdnFtecrdEMJAfn3nbaoCTXJFyaeVJfc3MDagVbfPtYQlO2NVBHpItDI
jpGHjh10yr6sQCVBE7EZQZD/z2NL1OrnDw/C21ODZy+PRymzqmguSgu3f4JKgHHV
OiRHHT1FeUgwjQdaal0CnBSOlxZSsi9rYs2dOnuViGgyiklxOgKvkl6hkl2NjkTW
FqU25wRpHK++NCYRezha6PT1Ap0/ksJgV7deccIUYj9eEdkuR0ncxakpArteW/gx
vOKkPu1qJ77S71ipaw6u0g2FlmOC/6EmCs99LFBGJ3PF0hPFSpa9SREaLwQpbKrG
P5oH9qVgpmHtiK+MigkD7wHnVw2UR8AIsnzgJXz9W5anqmwU2x4dLXqQhXSguzDJ
6ugenqsbIQ5FyDX5i81A
=D8vm
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org