httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Herb Burnswell <herbert.burnsw...@gmail.com>
Subject [users@httpd] mod_proxy_http rewrite problem
Date Thu, 07 Jun 2018 19:36:21 GMT
All,

I'm facing what seemingly is a very difficult challenge, tyring to set up a
proxy to a backend application.  I say 'seemingly very difficult' because I
have reached out to the HTTPD community, codementor.io (offering money for
help), as well as consultants who say they really are not skilled enough to
help.  When I started looking into this (I've had to put it on the back
burner due to more urgent needs) I didn't anticipate the setup being
excessively difficult, but it seems to be.  My original message to the
group was:

http://mail-archives.apache.org/mod_mbox/httpd-users/201802.mbox/%3CCAOuzmw778mmRssv-%3DpLNB86xSReUnqqfzpY-%3D0LtgrxQyR28%2BA%40mail.gmail.com%3E

I did receive valuable guidance and appreciate the help.  My ultimate goal
is to get the proxy set up using mod_jk and I posted this message to the
group:

http://mail-archives.apache.org/mod_mbox/httpd-users/201803.mbox/%3CCAOuzmw5DRVon_sEkUbV%2BAHDTYHrRj%3D%2By9EHOeNWdEb%2BXPN3p%3Dw%40mail.gmail.com%3E

At this point I just want to get the proxy working using mod_proxy_http.
I've had some success in that I can get the vanity URL to serve the
application login page securely, but I'm having trouble with the back and
forth between the proxy and the application.  Here is the virtual host
configuration I am using:

<VirtualHost *:443>

        ServerName vanity.example.com
        ServerAlias www.vanity.example.com

        SSLEngine on
        SSLProxyEngine  on
        SSLProtocol all -SSLv2 -SSLv3
        SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA
        SSLCertificateFile /etc/pki/tls/certs/my_bundle.crt

        <Proxy balancer://applicationcluster>

                BalancerMember https://app1.example.com:8443/frontpage
route=node1
                BalancerMember https://app2.example.com:8443/frontpage
route=node2
                BalancerMember https://app3.example.com:8443/frontpage
route=node3
                ProxySet lbmethod=bybusyness

        </Proxy>

        ProxyPreserveHost       On
        ProxyPass / balancer://applicationcluster/ stickysession=JSESSIONID
        ProxyPassReverse / balancer://applicationcluster/
stickysession=JSESSIONID

        RewriteEngine   On
        RewriteRule "^/frontpage(.+)" "$1" [R,L]

</VirtualHost>

This configuration allows for the frontpage to serve properly, however
trying to log in fails as the rewrite rule again strips the '/frontpage'
off of the requested path but it is needed for logic on the application
side:

[Thu Jun 07 11:22:41.711001 2018] [rewrite:trace2] [pid 101871:tid
140147827910400] mod_rewrite.c(470): [client 10.24.3.10:64324] 10.24.3.10 -
- [vanity.example.com/sid#55fa483335d8][rid#7f76a401a100/initial] rewrite
'/frontpage/zkau' -> '/zkau', referer: https://vanity.example.com/login.zul

I'm not even sure why the rewrite rule initially allows for the log in page
to serve, but if I don't have it in place the request goes into a loop.  I
don't want to make any changes on the application side, only on the proxy.

Is there a good way to handle this?  A rewite condition?

I appreciate any guidance.

Thanks in advance,

HB

Mime
View raw message