13

My team is trying to setup an Apache reverse proxy from a customer's site into one of our web applications.

http://www.example.com/app1/some-path maps to http://internal1.example.com/some-path

Inside our application we use struts and have redirect = true set on certain actions in order to provide certain functionality. The 302 status messages from these re-directs cause the user to break out of the proxy resulting in an error page for the end user.

HTTP/1.1 302 Found Location: http://internal.example.com/some-path/redirect

Is there any way to setup the reverse proxy in apache so that the redirects work correctly?

http://www.example.com/app1/some-path/redirect

Cœur
  • 37,241
  • 25
  • 195
  • 267
Rob
  • 245
  • 1
  • 5
  • 14

4 Answers4

15

There is an article titled Running a Reverse Proxy in Apache that seems to address your problem. It even uses the same example.com and /app1 that you have in your example. Go to the "Configuring the Proxy" section for examples on how to use ProxyPassReverse.

Kevin Hakanson
  • 41,386
  • 23
  • 126
  • 155
4

The AskApache article is quite helpful, but in practice I found a combination of Rewrite rules and ProxyPassReverse to be more flexible. So in your case I'd do something like this:

    <VirtualHost example>
       ServerName www.example.com

       ProxyPassReverse /app1/some-path/ http://internal1.example.com/some-path/
       RewriteEngine On
       RewriteRule /app1/(.*)   http://internal1.example.com/some-path$1 [P]

       ...
    </VirtualHost>

I like this better because it gives you finer-grained control over the paths you're proxying for the internal server. In our case we wanted to expose only part of third-party application. Note that this doesn't address hard-coded links in HTML, which the AskApache article covers.

Also, note that you can have multiple ProxyPassReverse lines:

    ProxyPassReverse / http://internal1.example.com/some-path
    ProxyPassReverse / http://internal2.example.com/some-path

I mention this only because another third-party app we were proxying was sending out redirects that didn't include their internal host name, just a different port.

As a final note, keep in mind that Firebug is extremely useful when debugging the redirects.

Marcel Levy
  • 3,407
  • 1
  • 28
  • 39
2

Basically, ProxyPassReverse should take care of rewriting the Location header for you, as Kevin Hakanson pointed out.

One pitfall I have encountered is missing the trailing slash in the url argument. Make sure to use:

ProxyPassReverse / http://internal1.example.com/some-path/

(note the trailing slash!)

philippn
  • 1,850
  • 1
  • 14
  • 11
1

Try using the AJP connector instead of reverse proxy. Certainly not a trivial change, but I've found that a lot of the URL nightmares go away when using AJP instead of reverse proxy.

James Schek
  • 17,844
  • 7
  • 51
  • 64
  • I spent 3 hours trying to find a reliable way to prevent http redirects to pass the https proxy without AJP. I ended up solving this by using ajp instead of http in ProxyPass and ProxyPassReverse directives. – Gnafu Apr 06 '17 at 10:30