www-modproxy-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From scott.pichel...@weirslurry.com
Subject Re: Fw: Apache2 Proxy and Domino Http Server Webmail Redirect
Date Fri, 07 Jan 2005 18:21:20 GMT
Hi,

I found out that the Domino Webmailredirect was at fault!
If anyone ever configures this solution, remember to use the "fixed" 
server setting instead of "dynamic", unless you have multiple servers with 
your proxy!
Talked to IBM Lotus Support and they helped out...phew.
Sorry for any wasted thoughts on this post...

Regards,

Scott Pichelman
Systems Administrator
Weir Slurry TM
North America
2701 S Stoughton Rd
Madison WI 53716  USA

T: +001 608 226 5615
F: +001 608 221 5807
M: +001 608 346 2784
E: scott.pichelman@weirslurry.com
W: http://weirslurry.com



scott.pichelman@weirslurry.com 
01/07/2005 10:12 AM
Please respond to
modproxy-dev@apache.org


To
modproxy-dev@apache.org
cc

Subject
Fw: Apache2 Proxy and Domino Http Server Webmail Redirect







Hi, 

I have been trying to get apache's modproxy(ProxyPass/Reverse) or even 
Modrewrite(RewriteCond/Rules) to work properly with Domino's 
WebmailRedirect.nsf file. 

Here is a Notes forum Post that hopefully explains the problem I am having 
in a nutshell: 
http://www-10.lotus.com/ldd/nd6forum.nsf/55c38d716d632d9b8525689b005ba1c0/175d0edd0639071485256e5c000915d4?OpenDocument



An explaination of my scenario below: 
All behind our Firewall - PIX515: 

        User(Internet) --> FW --> Apache2 WebServer(DMZ) --> Domino Http 
Server(COMM-different network) 

Starting from the backend first... 
The domino Web server is running on  port 81 and it's Home URL is "
/DominoWe.nsf". ( I believe this file has code or references the Webmail 
redirect db/code) 
We are using an IBM/Lotus supplied Domino Webmail "redirect" called 
"WebAccessRedirect650.ntf". 
If I use the Domino webserver address & port to access webmail it works 
fine. 
A single sign-on and we are redirected to our mail file without any 
problems.(The redirect takes the info given with username/pwd from 
names.nsf and any other files & directs the browser to the mail/*.nsf and 
loads up webmail interface/template) 

However, it's get's more complex as you know when we add Apache2 and its 
Reverse Proxy into the mix. 
I have tried using modrewrite w/ rewriterules and I get the same result. ( 
I tried your method and many others as well) 

RewriteEngine on 
RewriteLog "/var/log/httpd/rewrite.log" 
RewriteLogLevel 2 
RewriteCond %{REQUEST_URI} ^/ 
RewriteRule /(.*) http://203.57.228.7:81/$1 [P] 

And with a Pound Proxy added to the configuration, just these two Proxy 
directives worked for me! 

ProxyPass / http://203.57.228.7:81/ 
ProxyPassReverse / http://203.57.228.7:81/ 

The IP's listed above are of course the backend Domino Server. 
So, as you can see I didn't need modrewrite w/ rewriterules or 
rewriteconditions. 
The reason why is because a used another reverse proxy called "Pound". 
URL located below: 
http://www.apsis.ch/pound/ 

Then, for the above ProxyPass/Reverse directives I had the IP and port of 
the Pound Proxy and the Pound Proxy had the values of the Domino server: 

Apache: 
ProxyPass / https://webmail.weirslurry.com:8080/ 
ProxyPassReverse / http://webmail.weirslurry.com:8080/ 

Pound: 
ListenHTTPS 66.170.10.6,8080 
BackEnd 203.57.228.7,81,1 

Another rudimentary  diagram below: 
User(Internet) --> FW --> Apache Web Server/Proxy & Pound Proxy on same 
machine(DMZ - behind FW) --> Domino Http Server(COMM-another different 
network behind FW) 

So, somehow the addition of the Pound Proxy helped the Http 
headers/URI/URL's,etc understand teh DominoWEbmailRedirect in Domino Http 
so it would ask for our username and pwd "only" once and not reveal the IP 
address of the backend Domino server after serving up the webmail 
redirect!?! 
I know it sounds strange, but it works. 

In conclusion, my issue is with the Domino Redirect. 
If I could write  home-grown html, php, perl, jsp or ? script/code with my 
own "redirect" I would think that apache would behave better? 
I found some examples of creating a work-around or a homegrown solution in 
the Notes forums where others have had the same problem but the 
explanations & answers weren't clear for me. 
Here are some examples: 
http://www-10.lotus.com/ldd/nd6forum.nsf/55c38d716d632d9b8525689b005ba1c0/87423972d7b74bca85256dec0059a08d?OpenDocument


http://www.notestips.com/80256B3A007F2692/1/NAMO5RX3PX 
None of which seem to work for me!?! 

And this last one I would like to try but haven't given it any thought or 
know how to start w/ Lotus forms/agents... 
http://www-10.lotus.com/ldd/nd6forum.nsf/55c38d716d632d9b8525689b005ba1c0/dfd6abb19c3c699585256e5f00334932?OpenDocument



Should I be using vhosts and then add some rewriterules together in order 
to remedy my problem? 
  
If you are still confused I can allow you access the Domino Web server 
Webmail front-end I am working on from the net. 
I appreciate any feedback, thanks! 

Regards, 

Scott Pichelman
Systems Administrator
Weir Slurry TM
North America
2701 S Stoughton Rd
Madison WI 53716  USA

T: +001 608 226 5615
F: +001 608 221 5807
M: +001 608 346 2784
E: scott.pichelman@weirslurry.com
W: http://weirslurry.com 

The information contained in this email (including any attachments) is 
confidential, subject to copyright and for the use of the intended 
recipient only. If you are not the intended recipient please delete this 
message after notifying the sender. Unauthorised retention, alteration or 
distribution of this email is forbidden and may be actionable.

Attachments are opened at your own risk and you are advised to scan 
incoming email for viruses before opening any attached files. We give no 
guarantee that any communication is virus-free and accept no 
responsibility for virus contamination or other system loss or damage of 
any kind.



The information contained in this email (including any attachments) is confidential, subject
to copyright and for the use of the intended recipient only. If you are not the intended recipient
please delete this message after notifying the sender. Unauthorised retention, alteration
or distribution of this email is forbidden and may be actionable.

Attachments are opened at your own risk and you are advised to scan incoming email for viruses
before opening any attached files. We give no guarantee that any communication is virus-free
and accept no responsibility for virus contamination or other system loss or damage of any
kind.

Mime
View raw message