I have a configured reverse proxy in apache server to authenticate user throughs oauth2.
When the proxy path is different than the one in the server, the session cookie is lost and i get authorization_request_not_found error.
The following configuration is working fine while /backend in both:
ProxyPass "/backend" "http://localhost:8085/backend"
ProxyPassReverse "/backend" "http://localhost:8085/backend"
When i configure a different path i can't see the session Cookie so the authentication fail:
ProxyPass "/service" "http://localhost:8085/backend"
ProxyPassReverse "/service" "http://localhost:8085/backend"
In this case /service is different than /backend
Can you please help me through the required config to pass the cookie to the backend to keep the functionality as expected.
Thank you
I am new to Apache configuration with Jboss EAP 7 as web server. I am using Jboss EAP 7 as the web server where i deployed my application which is working good. Its listening to http with port no as 8080. When i try to access the application from Apache with http , its working well. But the same from https is not working. Apache version is 2.4.43 . The below is my configuration.
<VirtualHost x.x.x.x:80>
ProxyPass /Hello http://x.x.x.x:8080/Hello
ProxyPassReverse /Hello http://x.x.x.x:8080/Hello
</VirtualHost>
The above works fine.
But the below is not working
<VirtualHost x.x.x.x:443>
ProxyPass /Hello http://x.x.x.x:8080/Hello
ProxyPassReverse /Hello http://x.x.x.x:8080/Hello
</VirtualHost>
Getting the following error. Not sure what could be the issue?The following is the error logd from Apache server:
[proxy:error] (70007)The timeout specified has expired: AH01084: pass request body failed to x.x.x.x:8080
[proxy_http:error] AH01097: pass request body failed to x.x.x.x:8080
From the browser, i get 504 error message like below.
The gateway did not receive a timely response from the upstream server or application.
Can anyone help me on this issue?
Thanks,
Suresh
It seems to be issue with my certificates. The same configuration is working fine with valid certificate in other environments.
I have a wordpress application deployed on an Apache server running on port 80 and I also have a java web application deployed on a Tomact server running on port 443.
So basically I have:
http ://mysite.com (Apache)
https: //mysite.com/application (Tomcat)
Now I need to start using my SSL certificate for my website. I know that these processes cannot share the same port. Is there a way to keep both urls without adding an extra port? So both can be accessed via:
https ://mysite.com (Apache)
https ://mysite.com/application (Tomcat)
I'm basing this answer on my configuration with Apache in the front of a Tomcat instance. I don't have your exact configuration but I believe the following should work.
I have an SSL configuration which is where things get forwarded to Tomcat.
I've modified it to be what I think you need:
<VirtualHost _default_:443>
ServerName www.example.com
ProxyPreserveHost on
ProxyPass /application http://localhost:8080/application
ProxyTimeout 360
# rest of the ssl configuration
</VirtualHost>
This should forward everything under /application to Tomcat and keep the rest being served by Apache. Note that this assumes that you have the proxy (a.k.a. mod_proxy) module enabled for your server.
An easy way of doing this is to mount an Nginx server and manage the redirection according to the URL hit:
server {
listen 80;
server_name *.domain.me;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name *.domain.me;
ssl_certificate /path/to/crt;
ssl_certificate_key /path/to/key;
location / {
proxy_pass http://destinationIp:destinationPort;
proxy_set_header Host $host;
}
}
I'm running Apache HTTPD on port 80, and I have 2 instances of Apache Tomcat on port 8080 and 1010.
I deployed a war file on each tomcat:
project1.war on tomcat1
project2.war on tomcat2
The goal is being able to call project1 and project2 using just the domain, I want to avoid using the port number in the URL.
I figured out that mod_jk is the right tool to use for this purpose but I couldn't configure Apache properly to run it. I have two domains ready to use:
domain1.mysite.com
domain2.mysite.com
Any help is appreciated. Thank you
You'd be needing some apache httpd virtual host configuration like
Listen 80
<VirtualHost *:80>
ServerName domain1.mysite.com
ProxyPass "/project1" "ajp://backend.example.com:8009/project1"
ProxyPassReverse "/project1" "http://www.example.com/project1"
# Other directives here
</VirtualHost>
<VirtualHost *:80>
ServerName domain2.mysite.com
ProxyPass "/project2" "ajp://backend.example.com:8009/project2"
ProxyPassReverse "/project2" "http://www.example.com/project2"
# Other directives here
</VirtualHost>
composed from Httpd VirtualHost Configuration and mod_proxy_ajp
I have a web application on tomcat http://localhost:8080/WebApp/
The I have configrued Apache 2 (mod_proy) so that the web application is directly accessible by localhost with out port and name: e.g http://localhost
<VirtualHost localhost:80>
ProxyPreserveHost On
ProxyPass / http://localhost:8080/WebApp/
ProxyPassReverse / http://localhost:8080/WebApp/
</VirtualHost>
The index.html is shown correctly on http://localhost.
But if a servlet redirects:
#WebServlet(description = "...", urlPatterns = { "/login" })
public class LoginServlet extends HttpServlet
{
#Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws IOException
{
response.sendRedirect("a.html");
}
}
and I use the URL http://localhost/login - I am redirected to http://localhost/WebApp/a.html
How do I get the correct redirect to http://localhost/a.html?
Thanks to Stuart and his link to this blog I found a solution:
Reverse Proxying Tomcat Web Applications Behind Apache
Solution: ProxyPreserveHost must be turned off!
Reason: If it is switched on, the response headers returned by the proxy backend will contain “localhost” or the real domain without the port number (or 80). So the ProxyPassReverse pattern does not match (because of the different port and if another domain name is used, also the domain name will not match).
Config:
<VirtualHost localhost:80>
ProxyPreserveHost Off
ProxyPass / http://localhost:8080/WebApp/
ProxyPassReverse / http://localhost:8080/WebApp/
</VirtualHost>
But this works only via http, not via ajp (I don’t know why).
If you still want to use ajp you could use the following workaround - Let Apache do another redirect after the wrong redirect:
<VirtualHost localhost:80>
ProxyPass /WebApp !
ProxyPass / ajp://localhost:8009/WebApp/
ProxyPassReverse / ajp://localhost:8009/WebApp/
RedirectMatch 301 ^/WebApp/(.*)$ /$1
RedirectMatch 301 ^/WebApp$ /
</VirtualHost>
The ProxyPass /WebApp ! directive is needed to exclude the path from further processing in mod_proxy (because proxy directives are evaluated before redirect directives)
Then the RedirectMatch directives redirect everything stating with /WebApp/... respectively /WebApp to the URL without /WebApp at the beginning.
The only drawback is that you must not have any sub folder named WebApp in your web application
I also had this problem and spent some time on it. I believe that if you change your apache httpd configuration to the following your redirect will work:
<VirtualHost localhost:80>
ProxyPreserveHost On
ProxyPass / http://localhost:8080/WebApp/
ProxyPassReverse / http://localhost/WebApp/
ProxyPassReverseCookiePath /WebApp /
</VirtualHost>
This is because the tomcat response headers will contain the proxy headers (i.e. the Location header is http://localhost/WebApp rather than http://localhost:8080/WebApp) because ProxyPreserveHost is switched On.
As a footnote: This also works with you want to change your webapps context. Say you wanted to change the publicly visible context to context you can use the following:
<VirtualHost localhost:80>
ProxyPreserveHost On
ProxyPass /context/ http://localhost:8080/WebApp/
ProxyPassReverse /context/ http://localhost/WebApp/
ProxyPassReverseCookiePath /WebApp /context
</VirtualHost>
For reference, I found this blog post extremely helpful: Reverse Proxying Tomcat Web Applications Behind Apache
you have use to AJP Connector to connect apache2 & tomcat , it will be the perfect solutions for this.
if you need how to configure this, tell me i will explain this detail
Use forwarding instead of redirection
I think your problem is the use of sendRedirect. Calling sendRedirect is actually suppose to show the browser that the URL has been redirected. If you want to hide that you need to use forwarding.In your servlet try this instead of sendRedirect.
String servletPath = request.getServletPath();
if(servletPath.equals("/app1")){
ServletContext ctx = request.getServletContext().getContext("/app1");
RequestDispatcher dispatcher=ctx.getServletContext().getRequestDispatcher( "/app1/app1.html" ); // or wherever you actually keep app1.html
dispatcher.forward( request, response );
}
Inside your context.xml set crossContext = "true" so you can forward requests to other web applications.
<Context crossContext="true" ....../>
I had the same problem while tried to redirect the apache2(running on port 80) request to tomcat(application server running on port 8080).
This is the configuration which is working perfectly.
Go to /etc/apache2/sites-available/000-default.conf and add the following config:
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
# for redirecting the websocket requests
ProxyPass /ws ws://localhost:7681/
#ProxyPass /ws ws://localhost:7681/
ProxyPassReverse /ws ws://localhost:7681/
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
# for redirecting the http request
ProxyPass /applicationContextUrl ' http://localhost:8080/applicationContextUrl
ProxyPassReverse /applicationContextUrl http://localhost:8080/applicationContextUrl
ProxyPassReverseCookiePath /applicationContextUrl /
ProxyPassReverseCookieDomain localhost applicationContextUrl
ProxyRequests off
ProxyTimeout 15
ErrorLog ${APACHE_LOG_DIR}/nirad_error.log
LogLevel debug
CustomLog ${APACHE_LOG_DIR}/nirad_access.log combined
<Proxy *>
AddDefaultCharset off
Order deny,allow
Allow from all
#Require all denied
Require all granted
Require local
</Proxy>
</VirtualHost>
Done.
Now goto terminal and hit the following command.
sudo a2enmod proxy_http (for http redirection).
sudo a2enmod proxy_wstunnel (for websocket redirection)
and sudo service apache2 restart
run your application server on port 8080