Rewriting Apache response headers during redirect

My client has a setup whereby they have just moved their application server into a DMZ. At the front-end they have an SSL-offloader which accepts SSL requests and converts to HTTP requests which are then forwarded onto the Java application.

This works fine except when the application send a redirect to the browser. The redirect is to an HTTP URL which is ignored by the SLL-offloader.

I'm looking for a solution not involving rewriting any of the application code. The application is hosted on Tomcat with Apache at the front-end. My proposed solution is to use Apache to rewrite the response header so http becomes https. I'm sure this can be done but I'm struggling with the implementation.

The things I know so far
- I want to rewrite the location value
- I can use mod_headers to set the new value in the header
- I could possibly use Perl to do the rewriting but am not familiar with Perl

Any help appreciated.
lloyd142Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

edster9999Commented:
Do you get any errors or does it just get ignored ?
I use redirects like this and it works for me.  You just need to make sure the page that is generated has the redirect in it and that it is buffered so it can change the header before the page is sent out.
0
lloyd142Author Commented:
I don't actually know what happens at the SSL-offloader as this belongs to the client. They tell me they can't accept http requests and need another solution. I assume this means that the SSL-offloader can't rewrite the headers but I'm not sure.

When you say that you use redirects like this, do you mean that your headers are rewritten by Apache or an SSL-offloader?
0
edster9999Commented:
The ssl offloader is an unpackager.  The requests come in from the internet as secure SSL packets.  This box unloads them and passes on the same data as port 80 requests to the web servers so it will look like this :

User --> Internet (port 443) --> ssl ofloader --> (port 80) --> web server

and back the same way.

I have exactly the same setup as this and my pages do redirects inside the code.  That goes back to the end users web browser and makes that request a new page.  
If the redirect goes to a port 80 page then you need to have a site serving this or change the redirect to port 443 (httpS)
0
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

lloyd142Author Commented:
I agree with what you're saying. I'm told by the client they can't (or don't want) to have anything open on port 80, so the redirect needs sent the user to port 443.

I don't want to do this within the application, so something needs to rewrite the header to use 443.

I was really after help with how to do this using Apache to rewrite the header. If anyone can offer any help with that I'd be most grateful
0
edster9999Commented:
You can't.  
The update you are doing is inside the page.
If it points to port 80 you would need something to host it on that.
If you point to port 443 then that works.

The rewrite thing will not work as you only get to that after the SSL offloader and you would only get to that if you were on port 443.

Sorry.... You'll need to do one of the following
1- patch the code to use the right port
2- put up a web page on port 80 to redirect it again to port 443
3- set up a port 80 on the ssl offloader that does the redirect to port 443.

0
lloyd142Author Commented:
I think you're misunderstanding my scenario here. I only need to rewrite the URL inside the response headers. I don't need to rewrite anything in the request or inside the response page. It seems rewriting the response header can be done with the ProxyPassReverse command. I'm struggling to get this to work so I'm going to start a new question asking more specifically about ProxyPassReverse.

Thanks for your suggestions so far but unfortunately it has got me no further to answering my original question, so I will close this question without awarding any points.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Apache Web Server

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.