RE: [users@httpd] apache 2.0 as reverse proxy using mod_rewrite

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

The configuration of virtual host https://login is the same:

Listen ip-address:443
 
<VirtualHost ip-address:443>
    ServerAdmin webmaster@login
    ServerName webserver
    ProxyPass / http://login-internal/
    ProxyPassReverse / http://login-internal/
    SSLEngine on
    SSLCertificateFile /etc/httpd/conf/ssl.crt/webserver.crt
    SSLCertificateKeyFile /etc/httpd/conf/ssl.key/webserver.key
    ErrorLog logs/error_log_webserver
    TransferLog logs/access_log_webserver
 
    RewriteEngine On
    RewriteRule ^/$ https://login/$1 [R,L]
 
</VirtualHost>

And this is working....

Webserver1 is indeed a typo. I thought $1 is the rest of the parameters. So https://webserver/test supposed to be forwarded to http://webserver-internal/test and will be rewritten back to https://webserver/test

I am probably wrong, but please enlighten me...

Greetings,

Herwarth

-----Original Message-----
From: Axel-Stéphane SMORGRAV [mailto:Axel-Stephane.SMORGRAV@xxxxxxxxxxxxxx] 
Sent: Friday, June 24, 2005 08:55
To: users@xxxxxxxxxxxxxxxx
Subject: RE: [users@httpd] apache 2.0 as reverse proxy using mod_rewrite


What is the configuration of the virtual host for https://login/ ???
 
What did you intend that the following line would do ?
    RewriteRule ^/$ https://webserverl/$1 [R,L]
 
What host is it supposed to redirect to? Is "webserverl" (_l_) a typo?? If it is a typo and you intended to make it "webserver" then you would get a eternal loop between the server and the client. What about the $1 ? What is that supposed to make reference to?

Try removing your rewrite rule and see what happens.

-ascs

________________________________

From: Heitmann, Herwarth [mailto:herwarth.heitmann@xxxxxxxxxxxxx] 
Sent: Thursday, June 23, 2005 5:24 PM
To: users@xxxxxxxxxxxxxxxx
Subject: [users@httpd] apache 2.0 as reverse proxy using mod_rewrite


hello,
 
i have some difficulties using apache webserver as a reverse proxy. i am sure it has to do something with url rewriting.
 
the situation is as follows.
 
- at our company we have some external ip address accessible via the internet. these ip addresses has to be assigned to the external ethernet card of the apache machine. we want to terminate ssl connections on the reverse proxy so we are using ip based virtual hosting  which works great.
- on the second ethernet card we have a connection to the actual websites.
 
internet                    
multiple ip's -------------reverse proxy---------------multiple websites
 
we have a complex application running on the reverse proxy and it does authentication to another website using the same reverse proxy
 
https://webserver ------------ reverse proxy ---------- http://webserver-internal (application redirects to https://login/?return=https://webserver)
https://login ------------------- reverse proxy ----------- http://login-internal (application does authentication) https://webserver ------------ reverse proxy ---------- http://webserver-internal
 
httpd conf for virtual host:
 
Listen ip-address:443
 
<VirtualHost ip-address:443>
    ServerAdmin webmaster@webserver
    ServerName webserver
    ProxyPass / http://webserver-internal/
    ProxyPassReverse / http://ip-address-internal/
    SSLEngine on
    SSLCertificateFile /etc/httpd/conf/ssl.crt/webserver.crt
    SSLCertificateKeyFile /etc/httpd/conf/ssl.key/webserver.key
    ErrorLog logs/error_log_webserver
    TransferLog logs/access_log_webserver
 
    RewriteEngine On
    RewriteRule ^/$ https://webserverl/$1 [R,L]
 
</VirtualHost>
 
it is strange because i get a http 302 return in the browser and does not continue.... it reaches webserver-internal with statement found 302 and then it stops.... it terminates ssl as expected...
 
what am i doing wrong?
 
greetings,
 
herwarth

===========================================================

De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is alleen bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. Hoewel Orange maatregelen heeft genomen om virussen in deze email of attachments te voorkomen, dient u ook zelf na te gaan of virussen aanwezig zijn aangezien Orange niet aansprakelijk is voor computervirussen die veroorzaakt zijn door deze email.

The information contained in this message may be confidential and is intended to be only for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. Although Orange has taken steps to ensure that this email and attachments are free from any virus, you do need to verify the possibility of their existence as Orange can take no responsibility for any computer virus which might be transferred by way of this email.

=========================================================== 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



===========================================================

De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is alleen bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. Hoewel Orange maatregelen heeft genomen om virussen in deze email of attachments te voorkomen, dient u ook zelf na te gaan of virussen aanwezig zijn aangezien Orange niet aansprakelijk is voor computervirussen die veroorzaakt zijn door deze email.

The information contained in this message may be confidential and is intended to be only for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. Although Orange has taken steps to ensure that this email and attachments are free from any virus, you do need to verify the possibility of their existence as Orange can take no responsibility for any computer virus which might be transferred by way of this email.

===========================================================

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux