My backend Tomcat server sends a 302 redirection with a relative path.
HTTP/1.1 302
Date: Wed, 13 Dec 2017 16:55:05 GMT
Server: Apache TomEE
Location: /StoreWeb/catalog/cotton-shirts
Content-Length: 0
I have this reverse proxy setup in Apache.
ProxyPass /catalog/ http://localhost:8080/StoreWeb/catalog/
ProxyPassReverse /catalog/ http://localhost:8080/StoreWeb/catalog/
But this is not having any effect on the Location header. Apache leaves it unchanged. How can I have Apache convert:
Location: /StoreWeb/catalog/cotton-shirts
To:
Location: /catalog/cotton-shirts
Performing URL rewrites as part of a ProxyPass is a Bad Idea™. You should deploy your webapp in Tomcat under the same URL as you intend to mount it into your URL space and you will never have any of these problems.
If you do manage to re-write the URL in your Location header, I think you'll find that you then have to re-write all of the URLs in all of the pages dynamically-generated by the StoreWeb application. Once you fix those, you'll find that the cookies have the wrong path. And on. And on.
Just deploy your application on the same URL path and your life will be infinitely easier.
I had the same problem and solved it with the following configuration:
ProxyPass /path1 http://server2/path2
ProxyPassReverse /path1 http://server2/path2
ProxyPassReverse /path1 /path2
I'm not sure of that being a 'best practice', though
Related
www.old-server.com/ws/ is the base URL for a web service on old-server. This is accomplished using a Location directive for "/ws" with a setHandler enclosed within the directive.
when a request for www.new-server.com/ws/ is received new-server needs to redirect the request to old-server/ws/. Any trailing parts of request URL need to be passed to old-server as well.
Running Apache2, with mod_rewrite.so loaded, on CentOS 7.
on new-server, the following does not work.
<Virtual Hosts>
...
<Location /ws>
Redirect "https://www.old-server/ $1"
</Location>
...
</Virtual Hosts>
I think the doc's say Redirect is not support inside of Location.
What is the correct way to do redirect the request URL to old-server?
The answer for me was to stop over thinking the problem. The Location directive is fine, but my redirect statement was wrong. The following is working at the moment, pending further testing with more complex scenarios.
<Virtual Hosts>
...
<Location /ws>
Redirect "/ws" "https://www.old-server/ws"
</Location>
...
</Virtual Hosts>
I am trying to configure Apache 2.4 with mod_proxy as a reverse proxy and I'm having a problem with redirects not passed from the origin server to the client.
I have the following configuration in the virtual host configuration:
[...]
ProxyPreserveHost On
# ProxyPass "/" "http://old.domain.tld/"
ProxyPassReverse "/" "http://old.domain.tld/"
[...]
When using the commented-out ProxyPass directive in the virtual host config, everything works fine. Which means a 30x-redirect from the origin server gets correctly rewritten and forwarded to the client.
When configuring the ProxyPass in .htaccess (which I need because this only should happen under certain conditions), the reverse proxy is working fine except that it does not process any redirects to the client.
I have the following .htaccess:
RewriteEngine On
RewriteRule ^(.*)$ http://old.domain.tld/$1 [P]
Now, I always get a 404 - not found in the client, when the origin server sends a 30x-Redirect.
In the proxy server log, I can see the following traces:
[...] strip per-dir prefix: /[...]/domain.tld/htdocs/ ->
[...] applying pattern '^(.*)$' to uri ''
[...] rewrite '' -> 'http://old.domain.tld/'
[...] escaped URI in per-dir context for proxy, http://old.domain.tld/ -> http://old.domain.tld/
[...] forcing proxy-throughput with http://old.domain.tld/
[...] go-ahead with proxy request proxy:http://old.domain.tld/ [OK]
The client gets the following headers delivered:
HTTP/1.1 404 Not Found
Date: Fri, 25 Nov 2016 14:04:23 GMT
Server: Apache/2
Content-Length: 1060
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=5, max=100
Proxy-Connection: Keep-alive
I don't understand why Apache or mod_rewrite/mod_proxy is not forwarding the correct redirect when configured in .htaccess.
Is there any solution for that? Or am I doing something wrong?
Thank you.
ProxyPassReverse its spected to handle redirects so origin server wont take the client outside of the proxy.
This directive lets Apache adjust the URL in the Location,
Content-Location and URI headers on HTTP redirect responses. This is
essential when Apache is used as a reverse proxy (or gateway) to avoid
bypassing the reverse proxy because of HTTP redirects on the backend
servers which stay behind the reverse proxy.
Only the HTTP response headers specifically mentioned above will be
rewritten. Apache will not rewrite other response headers, nor will it
rewrite URL references inside HTML pages. This means that if the
proxied content contains absolute URL references, they will bypass the
proxy. A third-party module that will look inside the HTML and rewrite
URL references is Nick Kew's mod_proxy_html.
I have a multi-tier application of three layers lets say public, business and workspace (all running apache).
Client requests hits the public servers, requests are processed and dispatched on to business servers that does 'things' and response is returned back to public server which then processes the response and pass it on to the client.
I have a scenario wherein I want a request say /rstudio coming to the public server dispatched onto the business which intern reverse proxy to workspace server. There are two catch here:
the workspace server varies per request
application running on workspace server (Rstudio) uses GWT and references resources (static resources js, css etc and RPC coms) on the root url. All the in-application redirection also happens on the domain.
From the business server, I have setup reverse proxy to Rstudio server from my application server.
<Proxy *>
Allow from localhost
</Proxy>
ProxyPass /rstudio/ http://business_server/
ProxyPassReverse /rstudio/ http://business_server/
RedirectMatch permanent ^/rstudio$ /rstudio/
and this work fine (ref. https://support.rstudio.com/hc/en-us/articles/200552326-Running-with-a-Proxy). To handle dynamic workspace server, I could the following but ProxyPassReverse does not support expression in value and this no joy with this approach.
ProxyPassMatch ^/rstudio/(.*)$ http://$1
ProxyPassReverse ^/rstudio/(.*)$ http://$1
RedirectMatch permanent ^/rstudio$ /rstudio/
I have tried the same with mod_rewrite rule (following) but without ProxyPassReverse and due to domain redirection on the GWT Rstudio, this does not work. Adding ProxyPassReverse would fix the problem but I am caught up with no expression on value part to deal with dynamic workspace server issue.
RewriteRule "^/rstudio/(.*)" "http://$1" [P]
Following is the third approach to solve this problem using LocationMatch and mod_headers:
<LocationMatch ^/rstudio/(.+)>
ProxyPassMatch http://$1
Header edit Location ^http:// "http://%{SERVER_NAME}e/rstudio/"
</LocationMatch>
But this is no joy too because value on header directive is not evaluated against environment variable (and only back-references work here). Althought I can get the reverse proxy thing working if I had code the business_server, which is :
<LocationMatch ^/rstudio/(.+)>
ProxyPassMatch http://$1
Header edit Location ^http:// "http://private_server/rstudio/"
</LocationMatch>
Question 1: I was wondering if there are any better way to solve this problem without hardcoding the server DNS in apache conf?
Question 2: With the hard coded server DNS the reverse proxy works for me (patchy but works) but I am hit with GWT issue of resource references on root and the request dispatch is not fully working. I get to the signin page but resources are not found.
I was wondering if there is any better way to handle that?
Following is the example log from browser:
Navigated to https://public_server/rstudio
rworkspaces:43 GET https://public_server/rstudio.css
rworkspaces:108 GET https://public_server/js/encrypt.min.js
rworkspaces:167 GET https://public_server/images/rstudio.png 404 (Not Found)
rworkspaces:218 GET https://public_server/images/buttonLeft.png 404 (Not Found)
rworkspaces:218 GET https://public_server/images/buttonTile.png 404 (Not Found)
rworkspaces:218 GET https://public_server/images/buttonRight.png 404 (Not Found)
We're using Apache in front of Jenkins. Jenkins' Ajax calls include a n header that apparently needs to survive the roundtrip. If we access Jenkins on port 8080, then the n header is included in the response, if we access it through mod_proxy, the n header is getting stripped.
I tried using mod_headers to preserve this header, but for some reason that doesn't work. Is there any other way I can force mod_proxy to leave this header alone?
Edit 1:
This is the response getting returned by Jenkins.
HTTP/1.1 200 OK
Server: Winstone Servlet Engine v0.9.10
Content-Type: text/html;charset=UTF-8
n: 131
Connection: Close
Date: Tue, 20 Mar 2012 09:53:42 GMT
X-Powered-By: Servlet/2.5 (Winstone/0.9.10)
This is what Apache is returning:
Connection:close
Content-Encoding:gzip
Content-Type:text/html;charset=UTF-8
Date:Tue, 20 Mar 2012 10:37:21 GMT
Transfer-Encoding:chunked
Vary:Accept-Encoding
Edit 2:
It turns out Nginx does pass the appropriate headers back. That's the way I managed to solve it now. Still the original question is relevant: is there any way to get it done using Apache?
I found a way to get around this issue under apache.
it was created by alex (see https://issues.jenkins-ci.org/browse/JENKINS-327)
basically
my jenkins running at "http://localhost:8080/jenkins"
I want to access it via jenkins.mydomain.com.
now when I access jenkins.mydomain.com apache will redirect me to jenkins.mydomain.com/jenkins, not perfact but at least works.
<VirtualHost *:80>
ServerName jenkins.mydomain.com
Redirect / http://jenkins.mydomain.com/jenkins
<Location /jenkins>
ProxyPass http://localhost:8080/jenkins
ProxyPassReverse http://localhost:8080/jenkins
</Location>
</VirtualHost>
I eventually moved to Nginx. Nginx didn't strip out the headers. Still, it remains weird that you cannot get Apache to leave the n header alone.
I have deployed my Wicket app at /myapp in Tomcat, and I have put it behind Apache web server using
ProxyPass / http://localhost:8080/myapp/
ProxyPassReverse / http://localhost:8080/myapp/
Now Wicket incorrectly redirect users to /myapp/xxx instead of /xxx.
Is there any way to make Wicket(1.3.5) use / as my root path (instead of /myapp which is servlet deployment context path)?!
Edit: There is a solution described at following link but it doesn't works for 1.3.5 version:
I found it: https://cwiki.apache.org/WICKET/wicket-behind-a-front-end-proxy.html
Edit: The problem is that wicket uses relative path redirects with ServletResponse#sendRedirect and Tomcat convert them to absolutes redirects containing /myapp at beginning. I have tried mod_jk(AJP) but there was no difference!
There should be some way to tell proxy-pass or mod-jk to rewrite redirects before sending them to client!
I didn't find direct answer but used following workaround with mod jk, I guess it is also possible to do with proxy pass.
RewriteRule /myapp/(.*) /$1 [L,R]
RewriteRule ^(.*) /myapp$1 [PT]
JkMount /myapp/* ajp13_worker
First line redirects request coming from client starting with /myapp/* (which are result of incorrect Wicket/Tomcat/Apache redirects) to /*.
Second line rewrites all requests from /* to /myapp/* and third line send them to tomcat.
For proxy pass, third line should be replaced with:
ProxyPass /myapp/ http://localhost:8080/myapp/
ProxyPassReverse /myapp/ http://localhost:8080/myapp/
You may find this Tomcat document helpful:
http://tomcat.apache.org/connectors-doc/generic_howto/proxy.html
It addresses the above situation with RedirectMatch and mod_rewrite.
Not tested myself, but have you looked at mod_rewrite? There are some examples describing what you want to do here.