RE: [users@httpd] Reverse Proxy with internal redirects

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: RE: [users@httpd] Reverse Proxy with internal redirects
From: scott.marquardt@xxxxxxxxxxxxxxx
Date: Mon, 24 Jul 2006 11:22:05 -0500
Delivered-to: apmail-httpd-users-archive@xxxxxxxxxxxxxx
Delivered-to: apmail-httpd-users-archive@xxxxxxxxxxxxxxxx
Delivered-to: mailing list users@xxxxxxxxxxxxxxxx
In-reply-to: <9B4E37DCB8D57D408FF960B536F0E52743315C@xxxxxxxxxxxxxxxxx>
Mailing-list: contact users-help@xxxxxxxxxxxxxxxx; run by ezmlm
Reply-to: users@xxxxxxxxxxxxxxxx

Let me see if I can explain what's happening.

User requests http://external-apps
Apache processes Virtual host external-apps
ProxyPass / http://internal-apps/
The Internal apps server denies access and requires authentication.
Internal app server redirects the user to http://internal-sso and not http://external-sso
(at this point the external user does not know where internal-sso is located and errors out)
Since the user is still being processed in external-apps virtual host the ProxyPassReverse will not work

I cannot put in the following config, since the redirction still needs to go to http://external-sso
ProxyPass / http://internal-sso/ # Can't be included in external-apps virtual host
# This will redirect to http://external-apps

********** Stripped Down Virtual Hosts ************
<VirtualHost 192.168.1.200:80>
ServerName external-apps
ProxyRequests Off
RewriteEngine On
ProxyPreserveHost On
ProxyPass / http://internal-apps/
ProxyPassReverse / http://internal-apps/
</VirtualHost>

<VirtualHost 192.168.1.201:80>
ServerName external-sso
ProxyRequests Off
RewriteEngine On
ProxyPreserveHost On
ProxyPass / http://internal-sso/
ProxyPassReverse / http://internal-sso/
</VirtualHost>
********** *********************************************

>I have a 2 node internal environment. http://internal-apps and >http://internal-sso. The reverse proxy has two virtual hosts configured >as http://external-apps and http://external-sso. All reverse proxy >configs work except when the application server needs to authenticate to >the sso server. The app server redirects the client to the internal name >of the sso server and not to the external name. There is no way to change >the redirection problem on the app server. >My question is, can the location header variable be rewritten before the >external client receives it and makes the request to the internal server >name? Despite of the fact that i don't know your real configuration, i would say, you miss ProxyPassReverse ... or ProxyPreserveHost On More is only possible when you show a real config Bye Oliver --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

Attachment: winmail.dat
Description: Binary data

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

References:
- RE: [users@httpd] Reverse Proxy with internal redirects
  - From: Oliver.Schaudt

Prev by Date: Re: [users@httpd] referer header field too long?
Next by Date: [users@httpd] mod_authnz_ldap and Lotus Domino
Previous by thread: RE: [users@httpd] Reverse Proxy with internal redirects
Next by thread: [users@httpd] mod_rewrite to go from http to https and back
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]