1

Premise

On an Ubuntu 16.04 server with the latest Apache2 installed, I've different Virtual Hosts,
each one properly configured (and secured with Let's Encrypt):

  • /etc/apache2/sites-enabled/my.site.com-le-ssl.conf
  • /etc/apache2/sites-enabled/my.other.site.com-le-ssl.conf

pointing to static content under:

  • /var/www/my.site.com/
  • /var/www/my.other.site.com/

This works fine:
by calling https://my.site.com/ I see the static site that is contained in /var/www/my.site.com/.

I've then installed Tomcat 8.5.9 and secured it with a reverse proxy, hence adding: 

<VirtualHost *:443>
    . . .
    JKMount /* ajp13_worker
    . . .
</VirtualHost>

to /etc/apache2/sites-enabled/my.site.com-le-ssl.conf .

This also works fine:
by calling https://my.site.com/ now I see the Tomcat home.

Desired Goal

I want to achieve the following result:

  • by calling https://my.site.com/ I want to see the static site (/var/www/my.site.com/);
  • by calling https://my.site.com/dynamic I want to see the Tomcat home;
    hence, by calling https://my.site.com/dynamic/myApp I expect to run myApp.war published under tomcat/webapps;

Attempted solution

My idea was the following:

  • make Apache JKMount-ing only the requests with the /dynamic context, hence instead of:

    <VirtualHost *:443>
    . . .
    JKMount /* ajp13_worker
    . . .
</VirtualHost>

    , I've used: 

    <VirtualHost *:443>
    . . .
    JKMount /dynamic/* ajp13_worker
    . . .
</VirtualHost>

and this appears to works, on the Apache side; calling my.site.com will open the static content, while calling the my.site.com/dynamic will give Tomcat 404.

Now I need to rewrite the URL to remove the dynamic context, in order to make it transparent to Tomcat, and I've tried for the last 3 hours to do that with the Tomcat RewriteValve:

  • I've edited tomcat/conf/server.xml by adding the Valve:

    <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">
    . . .
    <Valve className="org.apache.catalina.valves.rewrite.RewriteValve" />
</Host>

  • I've created a tomcat/conf/Catalina/localhost/rewrite.config file, containing the right rule (tested here):

    RewriteRule ^dynamic/(.+)$ /$1

For some reason, this does not work. The Tomcat's RewriteValve rule is either ignored, or malfunctioning, or there's something wrong in the way I thinked the whole thing... I'm not a sysadmin, so I'd not be surprised by some naive error here.

Do you see where the problem is ? Or another way to make this work ?

Andrea Ligios
  • 133
  • 7

1 Answers1

1

I've solved it by using mod_proxy_ajp instead of mod_jk.

Apache's my.site.com-le-ssl.conf

<VirtualHost *:443>
    . . .
    ProxyPass        /dynamic/ ajp://localhost:8009/
    ProxyPassReverse /dynamic/ ajp://localhost:8009/
    . . .
</VirtualHost>

Tomcat's rewrite.config

RewriteRule ^dynamic(.+)$ dynamic/$1/ [R]

Now it works as desired.

Andrea Ligios
  • 133
  • 7