Solved

Mod_Proxy + 302 Redirects

Posted on 2004-11-02
1,303 Views
Last Modified: 2012-05-05
I'm running into problems using mod_proxy in a reverse proxy configuration where an application on the real servers are sending "302 Found"/Redirects that redirect to the real servername, and break out of the proxy scenario.

Are there any workarounds for this?

        ProxyPass /sub http://realserver
        ProxyHTMLURLMap http://realserver /sub
        Redirect /sub http://proxyserver/sub/
        <Location /sub>
                ProxyPassReverse /
                SetOutputFilter  proxy-html
                ProxyHTMLURLMap  /          /sub/
                ProxyHTMLURLMap  /sub      /sub/
        </Location>

"http://proxyserver/sub/" proxies for "http://realserver/", but realserver sends back 302 Found, Location: http://realserver/differentsub/" which ProxyPassReverse misses, and, since there is no access to realserver from the internet, causes the page not to be found.
0
Question by:Chireru
    7 Comments
     
    LVL 38

    Expert Comment

    by:yuzh
    Need to enable "rewrites in the HTTP Headers"

    Please read the following doc:

    http://www.apacheweek.com/features/reverseproxies

    and fix your problem.

    0
     
    LVL 5

    Author Comment

    by:Chireru
    Read that doc before, actually, most of my configuration is based off of that.  Commands that aren't shown there are in the general config, which is too long to post.
    0
     
    LVL 38

    Expert Comment

    by:yuzh
    0
     
    LVL 5

    Author Comment

    by:Chireru
    If you look at my configuration above, I use both ProxyPass and ProxyPassReverse..  if you look at the first link you suggested to me (http://www.apacheweek.com/features/reverseproxies), that is what I mainly followed.  I have tried using the ProxyPassReverse outside of the Location directive, but the problem still exists.

    I know ProxyPassReverse is working, because if I remove it, the rest of the proxy breaks.

    I have all but abandoned this project for now.  I may revisit it later, if I can find a solution to this issue, but unfortunately, with this 302 problem, it cannot be deployed.
    0
     
    LVL 3

    Expert Comment

    by:andYetAnotherLoginName
    wonder why the redirect is a problem, unless clients don't use your server as proxy. are you trying to steal content ;) if so you better use server-side scripting for that.
    0
     
    LVL 5

    Author Comment

    by:Chireru
    The idea is: I have a whole bunch of internal servers, who's content I want to provide to users, but I want to add security to the mix too.  So, I firewall off everything except for this box, which will accept secure and insecure connections, and use the application servers behind the firewall, hopefully with at-proxy URL filtering and other fancy security options.. once I get it working.

    The problem is:  some of the application servers send a 302-Redirect, which includes the full servername and path, which isn't rewritten by the proxy, and sends the user looking for some internal server (which they won't be able to get to).
    0
     
    LVL 3

    Accepted Solution

    by:
    how about using mod_headers to unset/reset headers?
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive Gives IT Their Time Back

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Suggested Solutions

    Title # Comments Views Activity
    DNS Question 7 32
    htaccess question 5 51
    How to find /read Apache log error file ? 5 68
    Virtual host in apache 31 47
    As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
    If you've heard about htaccess and it sounds like it does what you want, but you're not sure how it works... well, you're in the right place. Read on. Some Basics #1. It's a file and its filename is .htaccess (yes, with a dot in the front). #…
    This video Micro Tutorial is the second in a two-part series that shows how to create and use custom scanning profiles in Nuance's PaperPort 14.5 (http://www.experts-exchange.com/articles/17490/). But the ability to create custom scanning profiles a…
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…

    857 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now