I've set up a host with apache to serve static pages and to use Tomcat to serve my web application (See this question). The static pages are server from
"http://myhost.com"
and the dynamic (tomcat) pages are server from
"http://myhost.com/myapp"
The mod_proxy makes sure the "http://myhost.com/myapp" are forwarded to tomcat server running on "http://myhost.com:8080".
The problem is that now you get the standard Tomcat introduction page on "http://myhost.com/myapp" but if you click on a local link (e.g. 'Status') on the left, it generates an URL
"http://myhost.com/manager/status" while it should generate: "http://myhost.com/myapp/manager/status"
(The same is true for webapps installed under tomcat)
What should be changed in my configuration (apache, tomcat?) to redirect my tomcat links to the right place?
Have you set the ProxyPassReverse setting in your httpd.conf. This will overwrite the HTTP Header an you'll get to the correct request on the side of tomcat.
Your URLs are mapped from:
http://myhost.com/myapp -> http://myhost.com:8080
This means that accessing the above URL will be mapped to the ROOT application in Tomcat. The ROOT application will generate pages that contain links from Tomcat's root context.
In other words, if you go to:
http://myhost.com:8080
you will get a page that contains links to
http://myhost.com:8080/manager/status
This link will work. However when that page is given back to a browser that requested it via Apache, the full URL then looks like: http://myhost.com/manager/status
I assume that you intend to deploy an application called 'myapp' to Tomcat? If that is the case the Tomcat URL for this app will be
http://myhost.com:8080/myapp
Which will also work be mapped correctly when accessed via Apache.
If you absolutely must access Tomcats root application in this way you'll have to rewrite the URLs it outputs in the pages it returns.
I've had the most success with mod_proxy_ajp. It requires mod_proxy, but works over ajp. Using it instead, your conf file looks similar
ProxyPass / ajp://localhost:8009/
See my similar question and also the answer to this question. The only fault in mod_proxy_ajp that I've found is that if I need to restart tomcat I have to force an apache restart too.
Related
I have the following question that I do not know how to solve it in the most efficient way.
I have two servers, one with Apache where I have a Wordpress instance responding for port 80, and on another server I have a Wildfly with another application listening on port 8080. The Wordpress that I have configured on the Apache server, responds to the URL http://www.somedomain.com What I'm not so clear about is how to do when a request arrives at http://www.somedomain.com/yyyy and redirects me to the Wildfly server where an application is responding to the URL : 8080 / app
How could I do it in the most effective way? Using the rewrite module in the .htaccess file or using the Apache proxy module and configuring it in the Apache virtual host? How would I have to do it?
Thank you very much in advance.
You're mixing a few things that are not related to each other. First of all, a redirect is something different than a proxy. Redirecting means asking the client (browser) to look at another URL. A proxy, on the other hand, retrieves the content of the other URL itself and passes it to the client. Using a proxy, the other URL remains invisible to the client.
Second, mod_rewrite is not limited to htaccess configuration. In fact it's better to configure mod_rewrite in the virtual host configuration, just as you suggested with the proxy configuration.
The htaccess is simply for users who are not allowed to mess with the server configuration itself. Configuration in the htaccess can be limited by the admin for security purposes at the cost of slowing down the server.
That said, if you are looking to map your wildfly server paths into your main server's paths, you might want to use something like this inside your main server's virtual host block:
<Location "/yyyy">
ProxyPass "http://wildfly:8080/app"
</Location>
See http://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypass for detailed explanations.
I had a drupal installation working fine. I tried to migrate that one on a Docker Container runing behind a nginx reverse proxy. Everything seems fine but i have some .js and .css files that can't load because in drupal they are linked with http. The error is:
Mixed Content: The page at https://proxy.xx.xx/ was loaded
over HTTPS, but requested an insecure stylesheet
http://proxy.xx.xx/sites/default/files/css/css_xE-rWrJf-
fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css'. This request has been
blocked; the content must be served over HTTPS.
I have something like 7 of them and i can't find where those files are called in drupal or how to change the http to https.
Best regards.
Alright, so I got to work by adding the following to the Drupal settings.php:
$conf['reverse_proxy'] = TRUE;
$base_url = 'https://whatever-your-domain-is.com';
$conf['reverse_proxy_addresses'] = array('internal_nginx_proxy_ip');
$conf['reverse_proxy_header'] = 'HTTP_X_FORWARDED_FOR';
This works for jwilder's nginx-proxy container(s) together with JrCs' letsencrypt companion container. The nginx container is handling the HTTPS/SSL (certificates) and talks HTTP with the Drupal-container internally. The Drupal container only needs to be run with the 3 ENV VARS VIRTUAL_HOST, LETSENCRYPT_HOST, LETSENCRYPT_EMAIL for everything to be set up and work its magic.
Only downside: The Drupal container's apache logs show the internal IP of the nginx proxy. But the nginx logs show the correct client IPs and Drupal apparently gets them right as well, so it's only a minor nuisance for me.
I guess the additions to the settings.php should also be applicable to custom/manual setups.
We found what was wrong. Drupal was communicating with the Nginx proxy without ssl. Some config and it was ok.
Tomcat in our application is considered back-and side and additionaly we have apache that fronting tomcat server as a reverse proxy and redirect requests to appropriate tomcat instance.
Now we need to set up HTTPS connection between apache proxy and tomcat for specific urls(Login, etc..). Tomcat documentation says that it's possible to achieve this with additional <Connector> within server.xml config.
In order to set up https over login page existing configuration with AJP protocol was replaced with the following:
ProxyPass /app/login/ https://127.0.0.1:6666/app/login/
All other urls specified like below:
ProxyPass /app/anyotherurl/ ajp://127.0.0.1:5555/app/anyotherurl/
With configuration below we expect that secure data (login/password) for login page will be encrypted and all other page will remain unchanged.
After the login apache should use normal ajp protocol because there is no sensetive information any more to protect. But it's not what actually happen in our case because for some reason apache is redirecting us to host specified in ProxyPass, namely to localhost.
This could happen due to the fact that our application while executing login logic on tomcat has two consecutive redirects.
We've tried to set ProxyPreserveHost on within virtual host to fix situation mentioned above, but we are not sure whether it is secure option and this one won't break another pages as well as we are not sure how it will work if tomcat will be located on other machine.
It would be good to know any other solution how such stuff can be applied internally for specific pages.
I have been trying to get this work for the last 2 days since I am relatively new to Apache server. This is what I am trying to do in my local machine.
I have installed Apache Server and it acts as a front gate for all requests and sends them to JBOSS server. This is through AJP method.
I have enabled the mod_rewrite in http.conf and I want to do a simple redirect in my localhost. Below is what I tried..
RewriteEngine on
RewriteRule ^first.html$ second.html
This is not working as the log says it is looking the files in the document root C:\Apacheserver\Apache2\htdocs and i dont have any files in this location as the file comes from JBOSS(For ex: C:/jboss4.0/jboss-4.0.3SP1/server/MyApp/deploy/unisysv2.ear/web-app.war).
How do I make this redirect work under this condition.
Thanks
You should configure "bridge" between Apache an JBoss. Use mod_jk module or mod_proxy for that purpose, which are implementation of ajp communication protocol between Apache and JBoss.
We currently have Apache/ WAS setup and I want the Apache to handle the static content and it is working as expected.
My question:
We have always used www.xxx.com before and WAS used to handle the page, now we want to WEB server to handle the page and route www.xxx.com to www.xxx.com/index.jsp without the user knowing about it.
We want to user to type in www.xxx.xom in the url and get to the WAS through Apache.
If I get you correctly, you want a reverse proxy for dynamic content of your website. Apache has the mod_proxy that allows you to do that for selective URLs. The ProxyPass directive allows you to specify what URLs are mapped to which HTTP servers. HTTP headers are modified accordingly that the external information can reach the WAS that is hidden behind your Apache. IIRC, WAS can be configured to be aware of the reverse proxy.
Reverse proxy based on a prefix:
ProxyPass /mirror/foo/ http://backend.example.com/
Reverse proxy based on a regex:
ProxyPassMatch ^(/.*\.gif)$ http://backend.example.com$1