AW: [users@httpd] Reverse Proxy Again

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Franky,
 
1. The header line with the cookie has at least 2 parts with the SAP WAS 
Cookie=saplb_*=(J2EE184141100)184141150; JSESSIONID=(J2EE184141100)ID184141150DB10457613221413343070End
Is it possibly that your javascript shows you only the information till the first semicolon ";" ?
 
I have in my config thes 3 Parameters too
ProxyPreserveHost        On
ProxyReceiveBufferSize 4096
ProxyBadHeader           Ignore
 
The only thing is that i began to use an Apache 2 in front of SAP Web AS with version 2.0.53, but even with an 1.3.26 the JSESSIONID wasn't a problem.
 
If it is still a problem, can you check, waht you reserve from Tomcat with any from the follwing tools. 

iehttpheaders http://www.blunck.info/iehttpheaders.html 
Livehttpheaders http://livehttpheaders.mozdev.org/ <http://livehttpheaders.mozdev.org/>  
Tamper Data  https://addons.mozilla.org/extensions/moreinfo.php?id=966 <https://webmail.unilog.de/exchweb/bin/redir.asp?URL=https://addons.mozilla.org/extensions/moreinfo.php?id=966>  
With Tamper Data you can track every Request and Response 

 
2. The stickysesssion=JSESSIONID ist only useful and kown by the config when you are using mod_proxy_balancer [only in 2.2.0]to access more than 1 server in the back.

 
________________________________

Von: Franky Ronaldy [mailto:franky.ronaldy@xxxxxxxxx]
Gesendet: Fr 13.01.2006 03:56
An: users@xxxxxxxxxxxxxxxx
Betreff: Re: [users@httpd] Reverse Proxy Again



I have created the simple javascript program to check the cookie which
being set by the SAP. And I notice that SAP Netweaver set cookie into
my browser :

saplb_*,(J2EE2350500)2350550 PortalAlias,portal
JSESSIONID,(J2EE2350500)ID2350550DB11007797051053951047End

But if I access it through reverse proxy, my cookie is only:

saplb_*,(J2EE2350500)2350550 PortalAlias,portal

Those JSESSIONID missing from the cookie.

I have tried to change the httpd.conf file by putting:

ProxyPass /dev/irj http://www.domain.com:50000/irj stickysession=JSESSIONID
ProxyPassReverse /dev/irj http://www.domain.com:50000/irj > ProxyPass
/dev/logon http://www.domain.com:50000/irj stickysession=JSESSIONID
ProxyPassReverse /dev/logon http://www.domain.com:50000/irj ProxyPass
/dev/webdynpro http://www.domain.com:50000/webdynpro >
ProxyPassReverse /dev/webdynpro http://www.domain.com:50000/webdynpro

When I issue command ./apachectl configtest, I got error indicate that
ProxyPass only accept 2 parameters only.

Any idea how to keep those JSESSIONID remain eventhough through
reverse proxy server? Is it a bugs for apache 2.0.46? Should I upgrade
to other version?

Thanks.

Rgds,
Franky

On 1/12/06, Oliver.Schaudt@xxxxxxxxx <Oliver.Schaudt@xxxxxxxxx> wrote:
>
>
> Hi Franky,
> with a SAP Portal in the background you have to send back more
> [i used hier only "irj" because the next contexta in the uri
> which the portal wants are "portal" / "portalapps" /"go" and "servlet"
> .<snip>
> ProxyRequests Off
> ProxyPass        /irj http://www.domain.com:50000/irj <http://www.domain.com:50000/irj>
> ProxyPassReverse /irj http://www.domain.com:50000/irj <http://www.domain.com:50000/irj>
> ProxyPass        /logon http://www.domain.com:50000/irj <http://www.domain.com:50000/irj>
> ProxyPassReverse /logon http://www.domain.com:50000/irj <http://www.domain.com:50000/irj>
> ProxyPass        /webdynpro http://www.domain.com:50000/webdynpro <http://www.domain.com:50000/webdynpro>
> ProxyPassReverse /webdynpro http://www.domain.com:50000/webdynpro <http://www.domain.com:50000/webdynpro>
>
> # and because the portal sends sometimes some garbled headers
> # than put this directive in your config, too
> ProxyBadHeader         Ignore
> <snip>...
>
>
> With your "dev" inthe path than it should be
>
> ProxyPass        /dev/irj http://www.domain.com:50000/irj <http://www.domain.com:50000/irj>
> ProxyPassReverse /dev/irj http://www.domain.com:50000/irj <http://www.domain.com:50000/irj>
> ProxyPass        /dev/logon http://www.domain.com:50000/irj <http://www.domain.com:50000/irj>
> ProxyPassReverse /dev/logon http://www.domain.com:50000/irj <http://www.domain.com:50000/irj>
> ProxyPass        /dev/webdynpro http://www.domain.com:50000/webdynpro <http://www.domain.com:50000/webdynpro>
> ProxyPassReverse /dev/webdynpro http://www.domain.com:50000/webdynpro <http://www.domain.com:50000/webdynpro>
>
> You can easily find out what the portal sends to you if you use "tamper Data" inside Firefox or with a little bit more work "iehtttpheaders"
>
> bye
>
> Oliver
> ________________________________
>
> Von: Franky Ronaldy [mailto:franky.ronaldy@xxxxxxxxx]
> Gesendet: Do 12.01.2006 09:32
> An: users@xxxxxxxxxxxxxxxx
> Betreff: [users@httpd] Reverse Proxy Again
>
>
>
> Hi,
>
> I am quite new for reverse proxy. I need some advice from expertise
> here. I have to configure apache as a reverse proxy with SAP portal at
> the backend. My apache run in linux ES 3 with apache version 2.0.46.
>
> I have configured httpd.conf to act as a reverse proxy as following:
>
> .<snip>
> ProxyRequests Off
> ProxyPass /dev http://www.domain.com:50000/irj/portal
> ProxyPassReverse /dev http://www.domain.com:50000/irj/portal
> <snip>...
>
> I can see the login page from http://www.domain.com:5000/irj/portal
> but without image, css, etc.... so I add two more lines inside
> httpd.conf as following
>
> .<snip>
> ProxyRequests Off
> ProxyPass /dev http://www.domain.com:50000/irj/portal
> ProxyPassReverse /dev http://www.domain.com:50000/irj/portal
> ProxyPass / http://www.domain.com:50000/irj/portal
> ProxyPassReverse / http://www.domain.com:50000/irj/portal
> LogLevel debug
> <snip>...
>
> After restart apache, I can see everything included all images,  css
> so on and so forth. But I can't login to the SAP portal.
>
> My confusion whether is there anyway I can traceroute the requests
> coming into apache until it comes back to apache from the backend?
>
> Eventhough I check the error log I did not find any clues why I can't
> login into the SAP portal at the backend.
>
> Thanks in advanced for any advice.
>
> --
> Regards,
> Franky
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>
>


--
Regards,
Franky

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

<<winmail.dat>>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux