Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Rewriting Apache response headers during redirect

Posted on 2008-10-23
6
Medium Priority
?
1,365 Views
Last Modified: 2012-05-05
My client has a setup whereby they have just moved their application server into a DMZ. At the front-end they have an SSL-offloader which accepts SSL requests and converts to HTTP requests which are then forwarded onto the Java application.

This works fine except when the application send a redirect to the browser. The redirect is to an HTTP URL which is ignored by the SLL-offloader.

I'm looking for a solution not involving rewriting any of the application code. The application is hosted on Tomcat with Apache at the front-end. My proposed solution is to use Apache to rewrite the response header so http becomes https. I'm sure this can be done but I'm struggling with the implementation.

The things I know so far
- I want to rewrite the location value
- I can use mod_headers to set the new value in the header
- I could possibly use Perl to do the rewriting but am not familiar with Perl

Any help appreciated.
0
Comment
Question by:lloyd142
  • 3
  • 3
6 Comments
 
LVL 20

Expert Comment

by:edster9999
ID: 22785137
Do you get any errors or does it just get ignored ?
I use redirects like this and it works for me.  You just need to make sure the page that is generated has the redirect in it and that it is buffered so it can change the header before the page is sent out.
0
 

Author Comment

by:lloyd142
ID: 22785957
I don't actually know what happens at the SSL-offloader as this belongs to the client. They tell me they can't accept http requests and need another solution. I assume this means that the SSL-offloader can't rewrite the headers but I'm not sure.

When you say that you use redirects like this, do you mean that your headers are rewritten by Apache or an SSL-offloader?
0
 
LVL 20

Expert Comment

by:edster9999
ID: 22786050
The ssl offloader is an unpackager.  The requests come in from the internet as secure SSL packets.  This box unloads them and passes on the same data as port 80 requests to the web servers so it will look like this :

User --> Internet (port 443) --> ssl ofloader --> (port 80) --> web server

and back the same way.

I have exactly the same setup as this and my pages do redirects inside the code.  That goes back to the end users web browser and makes that request a new page.  
If the redirect goes to a port 80 page then you need to have a site serving this or change the redirect to port 443 (httpS)
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:lloyd142
ID: 22786356
I agree with what you're saying. I'm told by the client they can't (or don't want) to have anything open on port 80, so the redirect needs sent the user to port 443.

I don't want to do this within the application, so something needs to rewrite the header to use 443.

I was really after help with how to do this using Apache to rewrite the header. If anyone can offer any help with that I'd be most grateful
0
 
LVL 20

Expert Comment

by:edster9999
ID: 22786615
You can't.  
The update you are doing is inside the page.
If it points to port 80 you would need something to host it on that.
If you point to port 443 then that works.

The rewrite thing will not work as you only get to that after the SSL offloader and you would only get to that if you were on port 443.

Sorry.... You'll need to do one of the following
1- patch the code to use the right port
2- put up a web page on port 80 to redirect it again to port 443
3- set up a port 80 on the ssl offloader that does the redirect to port 443.

0
 

Accepted Solution

by:
lloyd142 earned 0 total points
ID: 22795672
I think you're misunderstanding my scenario here. I only need to rewrite the URL inside the response headers. I don't need to rewrite anything in the request or inside the response page. It seems rewriting the response header can be done with the ProxyPassReverse command. I'm struggling to get this to work so I'm going to start a new question asking more specifically about ProxyPassReverse.

Thanks for your suggestions so far but unfortunately it has got me no further to answering my original question, so I will close this question without awarding any points.
0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many situations when we need to display the data in sorted order. For example: Student details by name or by rank or by total marks etc. If you are working on data driven based projects then you will use sorting techniques very frequently.…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Six Sigma Control Plans

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question