Could you please let me know how can we use reverse proxy to allow non aem server to post pages to a directory on the main domain on AEM site (Eg: www.yourdomainname.com/test-one)?
I have tried adding the below syntax in the vhost file in dispatcher module of Apache server for using reverse proxy. However, this didn't work and faced a 404 on dispatcher upon server restart. The reason might be dispatcher reverse proxies to the publish instance. How can we bypass this issue to setup reverse proxy?
<VirtualHost *:80>
ServerName www.yourdomainname.com
ProxyRequests off
RemoteIPHeader X-Forwarded-For
Header set xxx-Proxy-Version "1.0"
ProxyPreserveHost On
<Location /test-one >
ProxyPass "http://xxx/test-one"
ProxyPassReverse "http://xxx/test-one"
Order allow,deny
Allow from all
</Location>
<Location /test-one/(.*) >
ProxyPass "http://xxx/test-one/(.*)"
ProxyPassReverse "http://xxx/test-one/(.*)"
Order allow,deny
Allow from all
</Location>
</VirtualHost>
Thanks
Related
I deploy a website war in wildfly named testDom-0.1 with apache httpd reverse proxy on. After logging in successfully, the default successful URL in spring security is "/booking", but the browser always get "testDom-0.1/booking" and then complain 404 error, if manually change the url into /booking, the page can be accessed without problem.
http.formLogin()
.loginPage("/denglu").permitAll()
.defaultSuccessUrl("/booking",true)
<VirtualHost *:80>
ProxyRequests off
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8080/testDom-0.1/
ProxyPassReverse / http://127.0.0.1:8080/testDom-0.1/
ProxyPassReverseCookiePath /testDom-0.1 /
<proxy>
Order deny,allow
Allow from all
</proxy>
</VirtualHost>
The expected return url should be localhost/booking not localhost/testDom-0.1/booking
I want to make Tableau (which is on an internal network) accessible on the public network. One of the ways recommended by Tableau Support is a Reverse Proxy.
I have set up the required modules and have the reverse proxy functioning. The login page is available through these settings in httpd given below. However, once I log in and want to open Projects, Views etc. It routes to
http://actualsite.com/#/vieworproject
which should actually be http://actualsite.com/tableauaccess/#/vieworproject.
Here is the httpd configuration:
ProxyPass /tableauaccess/ http://tableauserverexample.com/
ProxyPassReverse /tableauaccess/ http://tableauserverexample.com/
<Location /tableauaccess/>
Order deny,allow
Allow from all
ProxyHTMLURLMap / /tableauaccess/
</Location>
This doesnt solve the main issue with #. I tried
ProxyPass /#/ http://tableauserverexample.com/#/
ProxyPassReverse /#/ http://tableauserverexample.com/#
But it doesnt help. Any suggestions?? Thanks!
We had this same issue recently. Your httpd.conf file is technically correct for mod_proxy, however the url you are attempting to use is not supported by Tableau. You cannot use:
http://actualsite.com/tableauaccess
But rather you must use the format:
http://tableauaccess.actualsite.com
We ended up setting up that sub-domain name and then using a VirtualHost block such as:
Listen 80
NameVirtualHost *:80
<VirtualHost *:80>
ServerName actualsite.com
DocumentRoot "/path/path2/pathx"
</VirtualHost>
<VirtualHost *:80>
ServerName tableauaccess.actualsite.com
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://tableauaccess.actualsite.com/
ProxyPassReverse / http://tableauaccess.actualsite.com/
<IfModule mod_cache.c>
CacheDisable *
</IfModule>
RequestHeader set X-Forwarded-Proto "http" #or "https", depending on preference
</VirtualHost>
Be sure to double-check your Tableau server to update the URL format.
Sources:
https://community.tableau.com/thread/198095
https://community.tableau.com/thread/218678
(I don't have enough reputation points to post all of my sources, but thanks to Tableau community, shanemadden at ServerFault, and the Apache documentation.)
edit: forgot trailing slashes
(I am x-posting this from serverfault because I didn't get any responses there and we have a lot apache pros over here)
I am using my apache as a reverse proxy for a few requests to a webserver running on an internal port to allow access via my regular virtual host. This is on an ubuntu 15 running apache 2.4 in vagrant.
Here's my virtualhost config:
<VirtualHost *:80>
DocumentRoot /vagrant/htdocs
ServerName test.vm
# proxy pass mailcatcher to internal webserver
<Location /mailcatcher>
ProxyPass http://localhost:1080
ProxyPassReverse http://localhost:1080
</Location>
<Location /assets>
ProxyPass http://localhost:1080/assets
</Location>
<Location /messages>
ProxyPass ws://localhost:1080/messages
ProxyPassReverse http://localhost:1080
</Location>
<Directory />
Require all granted
</Directory>
<Directory /vagrant/htdocs>
AllowOverride all
</Directory>
</VirtualHost>
For a while, this works fine. However, after a time, suddenly all requests to this virtualhost are proxied to the internal webserver. So if I call http://test.vm/cron/mails.php at first it will run mails.php as expected. However after a random amount of time or event, suddenly the aforementioned URL will start serving responses from Mailcatcher.
The message you were looking for does not exist, or doesn't have content of this type
This is a Mailcatcher error that you get when you request a message that no longer exists.
This service, Mailcatcher, is started with my VM and runs all the time. The weird thing is, I don't experience this issue when I am doing other stuff on the VM (there's a web app running on it). Only when I am actively debugging mails and using the Mailcatcher gui am a I suddenly sometimes experiencing this.
Waiting for a while or restarting apache "solves" this issue until it pops up the next time. Can anyone help me out on this? Did I set up my proxy wrong?
Thanks.
You can try these :
<VirtualHost *:80>
ServerName mailcatcher.domain.tld
ServerAdmin webmaster#domain.tld
<Location />
ProxyPass http://localhost:1080/
ProxyPassReverse http://localhost:1080/
</Location>
<Location /messages>
ProxyPass ws://localhost:1080/messages
ProxyPassReverse ws://localhost:1080/messages
</Location>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Notes :
Of course localhost is set in your /etc/hosts or should be change to your mailcatcher server.
It's better to dedicate a hostname to mailcatcher service. With mod_proxy is not easier to manage correctly sub directory path.
I have been trying to setup a reverse proxy using apache 2 mod_proxy and the proxypass & proxypassreverse directives.
I am installing WSO2 Identity Server and wish to access that app using a url such as the following .
hxxp://myserver.domain.com/wso2/
The myserver.domain.com is accessible on the internet
Internally on my network I have set up a virtualhost running in my apache2 configuration with the following parameters:
For various reasons, port 80 is unavailable and the virtualhost must stay as :8080.
Finally, here is my virtual host configuration
<VirtualHost *:8080>
<Location /wso2/>
ProxyPass hxxps://internal.wso2.node:9443/
ProxyPassReverse hxxs://internal.wso2.node:9443/
</Location>
ProxyVia On
ProxyPreserveHost Off
ProxyAddHeaders Off
ProxyRequests Off
SSLProxyEngine On
SSLProxyCheckPeerCN Off
</VirtualHost>
The issue:
I can use my web browser ( Firefox/Chrome) to request the http://myserver.domain.com/wso2/ resource. In my log files I see that the request does hit the apache server and the virtualhost catches the /wso2/ location.
It passes through the proxy and lands on the internal.wso2.node server. however, the product WSO2 IS preforms several redirects which, in the log files I see it requesting the resource with the port appended.
Here is the request flow
hxxp://myserver.domain.com/wso2/ -> hxxps://internal.wso2.node:9443/
REDIRECT x3
hxxps://internal.wso2.node:8080/carbon ->
hxxps://internal.wso2.node:8080/carbon/admin/login.jsp
Back to my web browser
hxxp://myserver.domain.com:8080/wso2/carbon/admin/login.jsp
For some reason the apache response back appends its virtual host to the url I am requesting.
If I remove the port:8080 and request again the full url it will access the resource fine. However any attempt to access using only http://myserver.domain.com/wso2/ will result in redirects and the port appended.
As per covener's suggestion the culprit in this case proved to be the following directives:
UseCanonicalName Off
UseCanonicalPhysicalPort Off
Additionally, the web app I am trying to access makes use of sessions and cookies, therefore we must also proxy those, see the added directives under the ProxyPass & ProxyPassReverse.
Therefore the updated virtualhost configuration file should now look like this
<VirtualHost *:8080>
ServerName: myServer.domain.com
UseCanonicalName Off
UseCanonicalPhysicalPort Off
<Location /wso2/>
ProxyPass hxxps://internal.wso2.node:9443/
ProxyPassReverse hxxs://internal.wso2.node:9443/
ProxyPassReverseCookiePath / /wso2/
ProxyPassReverseCookieDomain internal.wso2.node myserver.domain.com
</Location>
ProxyVia On
ProxyPreserveHost Off
ProxyAddHeaders Off
ProxyRequests Off
SSLProxyEngine On
SSLProxyCheckPeerCN Off
</VirtualHost>
Is there any way I connect Apache to Tomcat using an HTTP proxy such that Tomcat gets the correct incoming host name rather than localhost? I'm using this directive in apache:
ProxyPass /path http://localhost:8080/path
But it comes through as localhost, which is useless when we have a bunch of sites on the same server. I could set the host manually in the server config:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
proxyName="pretend.host" proxyPort="80" />
But that again doesn't serve more than one site. And I don't like the idea of using a different internal port for each site, that sounds really ugly.
Is there no way to transfer the port when I proxy it?
(If you ask why I don't just use AJP, the answer is this error. I'm trying everything I can before giving up on Tomcat and Apache entirely)
The settings you are looking for are:
<VirtualHost *:80>
ServerName public.server.name
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
</VirtualHost>
Note that we're using localhost as the proxy target. We can do this since we enable ProxyPreserveHost. The documentation states that
It is mostly useful in special configurations like proxied mass name-based virtual hosting, where the original Host header needs to be evaluated by the backend server.
which sounds exactly like what you are doing.
I think your best bet if you want multiple sites on the same server is to use virtual hosts in your Apache configuration. Here's an example:
<VirtualHost *:80>
ServerName server.domain.com
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://server.domain.com:8080/
ProxyPassReverse / http://server.domain.com:8080/
<Location />
Order allow,deny
Allow from all
</Location>
As long as you have server.domain.com registered in your external DNS, the incoming host name will be displayed in client URLs. I'm running a single server hosting 6 separate sites, including 3 that are back by Tomcat, using this method.
You can still use AJP, and you should since it's faster than HTTP. Just make sure to enable it in http.conf:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
In that case, this configuration works for me:
<VirtualHost *:80>
ServerName public.server.name
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / ajp://localhost:8080/
# ProxyPassReverse might not be needed,
# it's only for redirecting from inside.
# ProxyPassReverse / ajp://localhost:8080/
</VirtualHost>