Could help me following: ProxyPass http://192.0.2.25:8080/SECAdmin ProxyPassReverse http://192.0.2.25:8080/SECAdmin/ Dne 12. srpna 2011 21:45 Nick Kew <nick@xxxxxxxxxxxx> napsal(a): > On Fri, 12 Aug 2011 21:21:45 +0200 > Petr Hracek <phracek2@xxxxxxxxx> wrote: > >> Dear user, >> >> I am a new bie in Reverse Proxy configuration but something is wrong >> and I really do not know >> where can be a problem. >> >> My configuration of Virtual Host is following: >> <VirtualHost *:443> >> SSLEngine on >> SSLProxyEngine on >> ServerName main_assistant >> ProxyPreserveHost on >> ProxyRequests off >> TraceEnable off >> DocumentRoot "/opt/apache/htdocs/ssldocs" >> <Location "/APPL/"> >> require valid-user > > Is the proxy supposed to authenticate or not? Yes it has to be authenticated. for security reasons. All pages are authenticated by own module. > You can't just half-configure it! How to half-configure it? > >> ProxyPass http://192.0.2.25:8080/SECAdmin >> ProxyPassReverse http://192.0.2.25:8080/SECAdmin >> ProxyPassReverseCookiePath /SECAdmin /APPL > > That would not want SSLProxyEngine! I will try to turn off. > >> </Location> >> </VirtualHost> >> >> <VirtualHost 192.0.2.25:8080> > > Is the same server serving both these virtualhosts? Main server contains several Proxys not only that one. That IP (192.0.2.5) is on the another physical/vmware server > Your log seems to include messages that aren't from the proxy! > >> ServerName APPL >> #ProxyPreserveHost on >> ProxyRequests Off >> TraceEnable Off >> Include /opt/apache/conf/sslcrtcnf/current.conf > > Yes, and? > >> But when I am accessing https://<ip_address>/APPL/ > > Better to access it by name, so you get the right virtualhost. > What you've posted should give a server error due to your > broken authnz config! Our web has to be access over IP based name. Authnz config if wrong. On the Monday I will be back in the work and I can send you all whole configuration file (but to the private email, if it is not problem). Maybe you can find more troubles:) > >> in the log I see following: >> >> [Fri Aug 12 16:13:56 2011] [debug] mod_proxy_http.c(56): proxy: HTTP: >> canonicalising URL //192.0.2.25:8080/SECAdminAuthServlet > > That doesn't come from anything you've posted! > >> [Fri Aug 12 16:13:56 2011] [debug] udsc_handlers.c(3419): udsc_fixups >> /APPL/AuthServlet > > What is udsc_handlers.c? uds_handler is my own prorietary authentication module. > > In fact nothing in that log has any bearing on the configuration > you posted. > > -- > Nick Kew > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > -- Best Regards / S pozdravem Petr Hracek --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|