On 7/28/06, Joshua Slive <joshua@xxxxxxxx> wrote:
On 7/28/06, snacktime <snacktime@xxxxxxxxx> wrote: > This is with apache 1.3.x. Running apache 2 isn't an option due to > some web applications using older versions of mod perl. > > I want to use apache to proxy ssl connections to a backend plain http > server. The backend server is mongrel (http://mongrel.rubyforge.org/) > which is used to run ruby on rails web apps. Apache would be > configured to require ssl client certificates issued by our ca. What > I want is to somehow pass the mod_ssl environment variables to mongrel > when the request is proxied. I've tried using mod_rewrite, and while > it handles the proxying just fine it's not passing the ssl > environment. This is the configuration that isn't working for me. > I've also tried setting an arbitrary test environment variable > ([E=TESTVAR:test,P]) without any luck. > > RewriteRule ^/xml/(.*) http://localhost:88/xml/$1 > [E=SSL_CLIENT_CERT:%{SSL:SSL_CLIENT_CERT},P] Environment variables are local to an apache instance. They cannot be directly passed over HTTP requests. You need to use something that can be passed over HTTP requests to transmit the info. Some examples: - Query string - Cookies - Other arbitrary request headers. All of those can be set in version 2.2 with mod_rewrite and mod_headers. The only one that I know will work in 1.3 is the query string. But you'll need to be careful not to mess up other uses of the query string by your applications.
Ya I was afraid of that, but had to ask anyways. Unfortunately setting request headers would be the only option, and we are stuck with 1.3 for the time being. Thanks for the info. Chris --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx