Re: Another mod_proxy Question/Issue (Apache Users)

Just to close the discussion here:

Chris sent me the real domain name and I had a look:

The issue is actually that the ProxyPassReverse is not correct.

Requests for the main page come back with a 302 pointing to /share/ and all assets used also have /share/ at the beginning of their path.

I will have a look off list to figure out either 1) why reverse is not catching this or 2) if the tomcat server can be set to know it is behind a proxy.

- Y

On Thu, Oct 31, 2013 at 10:21 PM, Chris Arnold <carnold@xxxxxxxxxxxxxxxxxxx> wrote:

Sent from my iPhone

On Oct 31, 2013, at 10:06 PM, "Yehuda Katz" <yehuda@xxxxxxxxxx> wrote:

When you say "And this gives me a 403 access denied.", you need to also include the exact URL that you entered in the browser (minus the hostname if you want).

Sorry, https://share.example.com

If you have the rewrite rule:
RewriteRule ^/(.*) https://192.168.123.3:8443/$1 [P]
and you navigate to https://share.example.com/, you should get exactly the same content as if you went to https://192.168.123.3:8443/, in this case, the Tomcat homepage.

That is exactly what I get

1) When going to BOTH URLs, is that what you see?

Yes

2) If the answer is yes, then without making any changes to the HTTPD configuration, when you go to https://share.example.com/share/ in your browser, do you get the expected result from tomcat?

Yes

If you want to remove the /share/ part from the public URL, after you have confirmed that the above works, this is the rewrite rule you would need:
RewriteRule ^/(.*) https://192.168.123.3:8443/share/$1 [P]

This is the one that gives the tomcat 404 and adds the extra /share

- Y

On Thu, Oct 31, 2013 at 3:35 PM, Chris Arnold <carnold@xxxxxxxxxxxxxxxxxxx> wrote:

>Are you accessing this URL from a web browser or a dedicated program?

>The implication is that your client might be requesting (or the web application redirecting to) https://share.example.com/share/ which you are rewriting to already include the >/share/, therefore, the doubled share.

Accessing directly from browser. So i tried this:

RewriteRule ^/(.*) https://192.168.123.3:8443/$1 [P]

And this takes me right to the tomcat home page, /

Tried this:

RewriteRule ^/share/(.*) https://192.168.123.3:8443/share/$1 [P]

And this gives me a 403 access denied.

On Thu, Oct 31, 2013 at 2:09 PM, Chris Arnold <carnold@xxxxxxxxxxxxxxxxxxx> wrote:

>What about when you go to https://share.example.com/share/?

If i remember right, this gave the same error.

As i try different things and think about this, i am going to need multiple clients to access this web app securely like so https://share.anydomain.tld and will need apache to send those requests to tomcat. Yehuda, if i remember right, you set this up for me with the mail server. So, i copied that entry and changed to fit the share url:

#This rewrites https://share.anydomain.tld to our mail server
   RewriteEngine On
   RewriteCond %{HTTP_HOST} ^share\.
   RewriteCond %{HTTPS} on
   RewriteRule ^/(.*) https://192.168.123.3:8443/share/$1 [P]

But this gives the exact error as before 404 from tomcat:

HTTP Status 404 - /share/share/page/
I think i am starting to see what Tom was talking about with tomcat adding the extra /share!