You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Kristian Rink <kr...@zimmer428.net> on 2006/08/16 19:22:51 UTC
tomcat, apache, mod_rewrite and http-auth
Hi all;
I do have a web environment running inside my LAN in a tomcat container,
forcing users through HTTP Basic authentication. For now and locally,
this uses to work well - the browser is prompting the user with a HTTP
login window, and everything is fine.
Right now, I need to expose this service, and, as for most of the other
web sites hosted in our LAN, this includes using an apache2 in a DMZ
environment acting as Reverse Proxy using mod_rewrite. So far, so good.
My setup is something like that:
RewriteEngine On
RewriteLogLevel 5
RewriteLog "/var/log/apache2/rewrite.log"
RewriteRule ^/pcd/(.*) http://192.168.1.242:8080/pcd/$1 [P] [L]
It works, which I hoped. But it doesn't work _right_. Whenever
requesting an URL like
http:/<domain>/pcd/get?... ,
I am prompted to log in using HTTP auth. But then, after this happened,
the browser tries to access 192.168.1.242 instead of <domain>. This is
obviously not working, and this also ain't what I want. But I wonder why
mod_rewrite doesn't work well in this situations.
Explanations, anyone? Or hints how to get out of this?
Much appreciated, if so.
TIA and bye,
Kristian
--
Kristian Rink * http://zimmer428.net * jab: kawazu@jabber.ccc.de
icq: 48874445 * fon: ++49 176 2447 2771
"Wenn einer allein träumt, ist es nur ein Traum. Wenn viele gemeinsam
träumen, ist das der Anfang einer neuen Wirklichkeit." (Hundertwasser)
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: tomcat, apache, mod_rewrite and http-auth
Posted by Kristian Rink <kr...@zimmer428.net>.
Hi David, @list;
On Thu, Aug 17, 2006 at 08:33:21AM -0400, David Smith wrote:
> Have you tried loosening up the refresh to let's say 5 seconds? Sounds
> to me like the refresh rate is too intense for a proxy environment.
I will give that a try. By now, I started setting up a second
configuration using mod_jk which _seems_ to work more reliable using my
in-house development environment. Perhaps it will also help providing
better external access to the resource.
> Another way to go (and I don't have the sample code) is to use a little
> javascript and some AJAX techniques for updating the page without a
> round trip.
Yeah, I thought about this as well, but then again, initially I didn't
expect to see any issues with my approach about that, and I am not yet
experienced enough to know about AJAX in a proxy environment...
Nevertheless, thanks a lot for your hints! :)
Cheers & best,
Kristian
--
Kristian Rink * http://zimmer428.net * jab: kawazu@jabber.ccc.de
icq: 48874445 * fon: ++49 176 2447 2771
"Wenn einer allein träumt, ist es nur ein Traum. Wenn viele gemeinsam
träumen, ist das der Anfang einer neuen Wirklichkeit." (Hundertwasser)
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: tomcat, apache, mod_rewrite and http-auth
Posted by David Smith <dn...@cornell.edu>.
Have you tried loosening up the refresh to let's say 5 seconds? Sounds
to me like the refresh rate is too intense for a proxy environment.
Another way to go (and I don't have the sample code) is to use a little
javascript and some AJAX techniques for updating the page without a
round trip.
--David
Kristian Rink wrote:
>Hi David, @list;
>
>first off, both thanks a lot for pointing me the right way, and let me
>apologize, as well, as this seems to be a question where RTFM would have
>been helpful before bothering the list - however, I wasn't aware that
>tomcat would need a special setup in order to run behind a proxy.
>
>
>By now, it basically is working the way I want it, leaving only one
>issue: This whole configuration is just almost unusable in our
>environment.:/ One of the core parts of the application to be proxied
>relies upon refreshing frequently (read, each second) using "Refresh"
>headers, and somehow this doesn't seem to work accessing the page from
>the outside through the apache2 proxy. There are several different
>phenomenons to appear almost randomly:
>
>- Sometimes, the "Refresh" of the site works well, the result is
>displayed well.
>
>- Sometimes, the site refresh ends up displaying a "302 moved - this
>document is <a..>here</a>". This sometimes also includes partial or full
>textual output of the page to be refreshed.
>
>- Sometimes, just nothing happens, ending with a blank page.
>
>
>Depending on how the proxy is configured (using mod_proxy or
>mod_rewrite), things are better or worse but never really pleasing.
>
>Questions, this way:
>
>- Can I get "Refresh" headers through a reverse proxy in a working way
>with a configuration like that?
>
>- Is this strange behaviour more likely to be a matter of configuration
>or of slow network / hardware?
>
>- Right now I am looking at mod_jk(2) to see how this will do - is this
>likely to get me out of this trouble given that tomcat and apache2 are
>running on different hosts?
>
>
>Thanks a lot for any inspirations and help.
>Bye,
>Kristian
>
>
>David Smith schrieb:
>
>
>>The connector receiving request from Apache needs at least the first
>>attribute added to it:
>>
>>proxyName="domain.name.com": the domain name of the Apache httpd server
>>acting as a front end to Tomcat
>>proxyPort="80": the port number of the Apache httpd server
>>
>>There is a sample of this in the server.xml distributed with tomcat.
>>
>>
>>
>
>
>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: tomcat, apache, mod_rewrite and http-auth
Posted by Kristian Rink <kr...@zimmer428.net>.
Hi David, @list;
first off, both thanks a lot for pointing me the right way, and let me
apologize, as well, as this seems to be a question where RTFM would have
been helpful before bothering the list - however, I wasn't aware that
tomcat would need a special setup in order to run behind a proxy.
By now, it basically is working the way I want it, leaving only one
issue: This whole configuration is just almost unusable in our
environment.:/ One of the core parts of the application to be proxied
relies upon refreshing frequently (read, each second) using "Refresh"
headers, and somehow this doesn't seem to work accessing the page from
the outside through the apache2 proxy. There are several different
phenomenons to appear almost randomly:
- Sometimes, the "Refresh" of the site works well, the result is
displayed well.
- Sometimes, the site refresh ends up displaying a "302 moved - this
document is <a..>here</a>". This sometimes also includes partial or full
textual output of the page to be refreshed.
- Sometimes, just nothing happens, ending with a blank page.
Depending on how the proxy is configured (using mod_proxy or
mod_rewrite), things are better or worse but never really pleasing.
Questions, this way:
- Can I get "Refresh" headers through a reverse proxy in a working way
with a configuration like that?
- Is this strange behaviour more likely to be a matter of configuration
or of slow network / hardware?
- Right now I am looking at mod_jk(2) to see how this will do - is this
likely to get me out of this trouble given that tomcat and apache2 are
running on different hosts?
Thanks a lot for any inspirations and help.
Bye,
Kristian
David Smith schrieb:
> The connector receiving request from Apache needs at least the first
> attribute added to it:
>
> proxyName="domain.name.com": the domain name of the Apache httpd server
> acting as a front end to Tomcat
> proxyPort="80": the port number of the Apache httpd server
>
> There is a sample of this in the server.xml distributed with tomcat.
>
--
Kristian Rink * http://zimmer428.net * jab: kawazu@jabber.ccc.de
icq: 48874445 * fon: ++49 176 2447 2771
"Wenn einer allein träumt, ist es nur ein Traum. Wenn viele gemeinsam
träumen, ist das der Anfang einer neuen Wirklichkeit." (Hundertwasser)
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: tomcat, apache, mod_rewrite and http-auth
Posted by David Smith <dn...@cornell.edu>.
The connector receiving request from Apache needs at least the first
attribute added to it:
proxyName="domain.name.com": the domain name of the Apache httpd server
acting as a front end to Tomcat
proxyPort="80": the port number of the Apache httpd server
There is a sample of this in the server.xml distributed with tomcat.
--David
Kristian Rink wrote:
>Hi all;
>
>I do have a web environment running inside my LAN in a tomcat container,
>forcing users through HTTP Basic authentication. For now and locally,
>this uses to work well - the browser is prompting the user with a HTTP
>login window, and everything is fine.
>
>Right now, I need to expose this service, and, as for most of the other
>web sites hosted in our LAN, this includes using an apache2 in a DMZ
>environment acting as Reverse Proxy using mod_rewrite. So far, so good.
>
>My setup is something like that:
>
>
> RewriteEngine On
> RewriteLogLevel 5
> RewriteLog "/var/log/apache2/rewrite.log"
>
> RewriteRule ^/pcd/(.*) http://192.168.1.242:8080/pcd/$1 [P] [L]
>
>
>It works, which I hoped. But it doesn't work _right_. Whenever
>requesting an URL like
>
>http:/<domain>/pcd/get?... ,
>
>I am prompted to log in using HTTP auth. But then, after this happened,
>the browser tries to access 192.168.1.242 instead of <domain>. This is
>obviously not working, and this also ain't what I want. But I wonder why
>mod_rewrite doesn't work well in this situations.
>
>Explanations, anyone? Or hints how to get out of this?
>Much appreciated, if so.
>
>
>TIA and bye,
>Kristian
>
>
>
>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org