I have configured an apache 2.2 server to forward requests to a tomcat 6 application listen on 8080/tcp. When the request is processed by apache, it duplicates the name of the application. So an error is posted on the browser.
Apache and tomcat are living at the same server, behind a firewall. On the firewall, I have created a redirect rule to forward all 80/tcp requisitions to apacheĀ“s server. 8080 tcp port is blocked on firewall.
Here is my apache 2.2 config:
<VirtualHost *:80>
ServerName myaddress.com
ServerAlias myaddress.com
ServerAdmin webmaster#myaddress.com
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
Order allow,deny
Allow from all
ProxyPass http://localhost:8080/portal
ProxyPassReverse http://localhost:8080/portal
</Location>
</VirtualHost>
Here is my server.xml config:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" proxyPort="80" proxyName="myaddress.com"/>
When I type http://myaddress.com in the browser, the address is replaced by http://myaddress.com/portal and the following error message is showed:
HTTP Status 404 - /portalportal/
type Status report
message /portalportal/
description The requested resource (/portalportal/) is not available.
It should look like:
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
the "/" means it should be accessed from http://localhost -> proxied to -> http://localhost:8080/portal.
Instead of this you can connect tomcat to apache using workers so that you never have to deal with port 8080, only the apache ones. A good source is http://www3.ntu.edu.sg/home/ehchua/programming/howto/ApachePlusTomcat_HowTo.html
and there are many more guides you can find. So you will have JKmount with the desired path along with your worker name
JkMount /path worker1 for example
Hope I didn't misunderstand your question, and hope it helps!
Related
I know similar questions have been asked a lot already, and I feel like I read all of them 12 times. Every time the answer is slightly different, and I tried virtually all combinations, but still cannot get it to work...
So, I have an Apache and a Tomcat running in a Freenas Jail (so running FreeBSD). I used Certbot to get an SSL certificate for my domain. Lets call that example.com. In my router, I opened ports 80 and 443.
Now, I want users to just enter either 'www.example.com' or 'example.com' in their browser, and land on 'https://www.example.com' and port 8080.
I found that to accomplish this, I need to configure my apache Virtual Hosts file. However, as I said, I found many different things to put in there, and none of them seem to be exactly the right ones. Here is what I have now:
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
# ProxyPreserveHost On
# ProxyRequests Off
# ProxyPass / http://localhost:8080/
# ProxyPassReverse / http://localhost:8080/
# Redirect permanent / https://www.example.com/
</VirtualHost>
<VirtualHost _default_:443>
SSLEngine on
SSLCertificateFile /usr/local/etc/letsencrypt/live/example.com/cert.pem
SSLCertificateKeyFile /usr/local/etc/letsencrypt/live/example.com/privkey.pem
SSLCertificateChainFile /usr/local/etc/letsencrypt/live/example.com/chain.pem
ServerName www.example.com
ServerAlias example.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
</VirtualHost>
I also added this into the Tomcat server.xml:
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="8080"
proxyName="www.example.com"
proxyPort="80"/>
So, my questions are these:
Does it matter which one has www, ServerName or ServerAlias? Because I've seen both.-
Should I have Apache listen on port 80 or 433?
How can I verify if Apache and tomcat are listening on the right ports? Before, I had this in a CentOS VPS, and there it was with 'netstat -tulpn'. (I didnt have SSL yet back then)
At one point, I had it almost working: entering example.com was properly redirected to https://www.example.com/ on port 8080 because I reached the website runnning in Tomcat. If I removed then the 's' in the URL, it did not redirect to https again. Also, I should have saved that exact config because I cannot find it back...
I will be so thankful for any answer I get. Thanks a lot in advance.
Reygok
Let's go through your questions:
Does it matter which one has www, ServerName or ServerAlias?
Use in server name the canonical hostname, in alias aliases pointing to your CNAME. Choose which name you want to advertise to the users.
Should I have Apache listen on port 80 or 443?
You must do both because Let's Encrypt requires port 80 to be open, so HTTPd has to do Listen *:80 and Listen *:443.
How can I verify if Apache and tomcat are listening on the right ports?
FreeBSD magic: sockstat -46
Now to your setup:
Assumptions: HTTPd and Tomcat run on the same host and Tomcat listens on localhost.
Tomcat's server.xml:
<Connector address="localhost" port="8080" redirectPort="443" ... />
I never needed the proxy* attributes, just used this in the <Host />:
<Valve className="org.apache.catalina.valves.RemoteIpValve" />
the access log valve will require: requestAttributesEnabled="true"
HTTPd:
<VirtualHost *:80>
Redirect permanent / https://{hostname}/
</VirtualHost>
<VirtualHost *:443>
ProxyPreserveHost On
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
RequestHeader set X-Forwarded-Proto "https"
</VirtualHost>
In your web.xml you set to have Tomcat to redirect to HTTP to HTTPS: http://docs.adaptivecomputing.com/viewpoint/hpc/Content/topics/1-setup/securityConfiguration/modifyingWebxmlEnableHTTPS.htm
I am using httpd and tomcat for my web application,
so i want to remove 8080 port which is coming in my url.
i tried following things
Made <Connector port="80" in server.xml but its not working.
Used Proxypass in httpd.conf
<VirtualHost *:80>
ServerName myapp.com
ServerAlias www.myapp.com
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass /MyAppPath http://localhost:8080
ProxyPassReverse http://localhost:8080
but both of the things are not working.
whenever i am hitting www.mysite.com its showing apache 2.2 page.
To reach out to mysite every time i need to put www.mysite.com:8080/
please guide.
Thanks in Advance
Resolved by pointing tomcat to 80 and stoped the httpd service.
Worked for me.
I have Apache 2.4 with mod_proxy_ajp to forward REST requests to Tomcat 7. Everything works fine except that I am using Atmosphere 2.1.2 and the Atmosphere calls do not make it to Tomcat. I know that there are alternatives to Apache for working with websockets (Nginx and HAProxy etc) but I was wondering if there is a way to make it work with Apache?
Here is my VirtualHost definition in httpd.conf
<VirtualHost *:80>
ServerName 192.168.0.100
ProxyPass /roomky ajp://192.168.0.100:8009/roomky
ProxyPassReverse /roomky ajp://192.168.0.100:8009/roomky/
ProxyRequests On
ProxyVia On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
</VirtualHost>
Any suggestions?
In Apache:
You must to add mod_proxy_wstunnel (also requires mod_proxy)
Add proxy rules with the correct websocket (WS, not AJP) protocol:
ProxyPass /roomky ws://localhost:8080/roomky
ProxyPassReverse /roomky ws://localhost:8080/roomky
In Tomcat:
1.- Declare a NIO Connector in $CATALINA_HOME/conf/server.xml
<Connector
protocol="org.apache.coyote.http11.Http11NioProtocol"
port="8080"
...
"/>
Restart both servers and test it again!
I have successfully pointed Apache http request to point to tomcat 8080. but the issue is the images and css are not getting loaded. It still is looking at port 80. The application is hosted in amazon ec2
My tomcat deployed url :
If I type www.abc.com it successfully redirect to my application and shows the welcome page. but the images are not showing.
If I include port 8080 in the url the image are showing. eg:
www.abc.com:8080/WebApplication/img/xy.jpg
server.xml
<Connector executor="tomcatThreadPool"
port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
Config of httpd.conf in apache
<IfModule mod_proxy.c>
ProxyRequests Off
#<Proxy *>
# Order deny,allow
# Deny from all
# Allow from .example.co
ProxyPass / http://www.sabc.com:8080/WebApplication1/
ProxyPass /WebApplication1/img www.abc.com:8080/WebApplication1/img
ProxyPass /WebApplication1/css www.abc.com:8080/WebApplication1/css
ProxyPassReverse /WebApplication1/css www.abc.com:8080/WebApplication1/css
ProxyPass /WebApplication1/img www.abc.com:8080/WebApplication1/img
ProxyPassReverse / www.abc.com:8080/WebApplication1/
#</Proxy>
First thing is you shouldn't be required to mention ProxyPass settings if you already have below code.
ProxyPass / http://www.sabc.com:8080/WebApplication1/
ProxyPassReverse / http://www.sabc.com:8080/WebApplication1/
Still if there is any requirement to specifically mention it, it seems that code written needs to be rectified for ProxyPass Reverse for images as below.
ProxyPass /WebApplication1/img http://www.sabc.com:8080/WebApplication1/img
ProxyPass /WebApplication1/css http://www.sabc.com:8080/WebApplication1/css
ProxyPass***Reverse*** /WebApplication1/img http://www.sabc.com:8080/WebApplication1/img
ProxyPassReverse /WebApplication1/css http://www.sabc.com:8080/WebApplication1/css
Is there any way I connect Apache to Tomcat using an HTTP proxy such that Tomcat gets the correct incoming host name rather than localhost? I'm using this directive in apache:
ProxyPass /path http://localhost:8080/path
But it comes through as localhost, which is useless when we have a bunch of sites on the same server. I could set the host manually in the server config:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
proxyName="pretend.host" proxyPort="80" />
But that again doesn't serve more than one site. And I don't like the idea of using a different internal port for each site, that sounds really ugly.
Is there no way to transfer the port when I proxy it?
(If you ask why I don't just use AJP, the answer is this error. I'm trying everything I can before giving up on Tomcat and Apache entirely)
The settings you are looking for are:
<VirtualHost *:80>
ServerName public.server.name
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
</VirtualHost>
Note that we're using localhost as the proxy target. We can do this since we enable ProxyPreserveHost. The documentation states that
It is mostly useful in special configurations like proxied mass name-based virtual hosting, where the original Host header needs to be evaluated by the backend server.
which sounds exactly like what you are doing.
I think your best bet if you want multiple sites on the same server is to use virtual hosts in your Apache configuration. Here's an example:
<VirtualHost *:80>
ServerName server.domain.com
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://server.domain.com:8080/
ProxyPassReverse / http://server.domain.com:8080/
<Location />
Order allow,deny
Allow from all
</Location>
As long as you have server.domain.com registered in your external DNS, the incoming host name will be displayed in client URLs. I'm running a single server hosting 6 separate sites, including 3 that are back by Tomcat, using this method.
You can still use AJP, and you should since it's faster than HTTP. Just make sure to enable it in http.conf:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
In that case, this configuration works for me:
<VirtualHost *:80>
ServerName public.server.name
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / ajp://localhost:8080/
# ProxyPassReverse might not be needed,
# it's only for redirecting from inside.
# ProxyPassReverse / ajp://localhost:8080/
</VirtualHost>