You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Simon Moser <si...@netzschmiede.ch> on 2002/12/30 11:42:21 UTC

[users@httpd] Problems with mod_dav when using a reverse-proxy with SSL and mod_rewrite

Hello,

We are encountering problems with COPY- and MOVE-requests (mod_dav enabled) when
 the requests are redirected by a reverse-proxy (mod_ssl, mod_rewrite). We have
the following setup at our site:

A SSL-enabled webserver acts as reverse-proxy for incoming dav-requests. SSL is
used to avoid sending cleartext-passwords over the net. The requests are
forwarded to another webserver with mod_dav enabled using mod_rewrite. This
webserver is listening on http-requests on a different port than the ssl-port (443).

We used the tool 'cadaver' to test the setup. When connecting to the mod_dav
enabled webserver directly, the setup seems fine, but when connecting via the
reverse-proxy, the COPY and MOVE requests fail with the following error:

   .
   .
dav:/upload/wwwtest.mydomain.org/> copy index.html index1.html
Copying `/upload/wwwtest.mydomain.org/index.html' to
`/upload/wwwtest.mydomain.org/index1.html':  failed:
502 Bad Gateway
   .
   .


Some investigation showed that COPY uses a 'Destination'-field in the
http-header. According to the specification, this field contains a URI, in our
case 'https://sslhost.mydomain.org/upload/wwwtest.mydomain.org/index1.html'.


After modifying the logformat of the dav-webserver, we could see that the
destination-field is not rewritten by mod_rewrite:

   .
   .
192.168.1.100 - smoser [29/Dec/2002:21:45:56 +0100] "PROPFIND
/upload/wwwtest.mydomain.org/index1.html/ HTTP/1.1" 404 249 - HOST:
davhost.mydomain.org:8010
192.168.1.100 - smoser [29/Dec/2002:21:45:56 +0100] "COPY
/upload/wwwtest.mydomain.org/index.html HTTP/1.1" 502 259 DESTINATION:
https://sslhost.mydomain.org:443/upload/wwwtest.mydomain.org/index1.html HOST:
davhost.mydomain.org:8010
   .
   .

The 'Host'-field is rewritten by mod_rewrite, but the 'Destination'-field not.
We tried to solve the problem by adding a 'ServerAlias'-directive to the
corresponding vhost, but that did not help. Probably the operation fails because
protocols and ports do not match.

Is there any way to rewrite the destination-field with mod_rewrite? Is anybody
using a SSL-reverse-proxy where the MOVE- and COPY-requests work? Any help is
highly appreciated

Cheers,
Simon Moser 



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org