2

On a virtual server I need to run an eXist-db app beside other web sites. In my app there are used cookies for logging in and out.

These settings work well for Firefox, everything runs as expected:

<VirtualHost *:80>
  ServerAdmin my@mail.com
  ServerName my-app.my-domain.com
  ProxyRequests off
  ProxyPass / http://xx.xx.xx.xx:xxxx/exist/apps/my-app/
  ProxyPassReverse / http://xx.xx.xx.xx:xxxx/exist/apps/my-app/
  ProxyPassReverseCookiePath / http://my-app.my-domain.com
</VirtualHost>

I know these settings could seem a bit strange but they are the best I could find and as I stated above they simply work well for Firefox. They are maybe specific for usage with the eXist-db app. (I was inspired by this solution.)

However, in IE 11 there is some problem with that. I am able to log in per one page, as soon as I try to visit other secure page (or the same!), I am logged off. I know about ProxyPassReverseCookieDomain possibility but have no clue how to use it. I tried localhost my-domain.com and similar but nothing worked.

In the app’s controller I am disabling all caching (no-cache, no-store, must-revalidate), which was necessary for proper logging in and out across pages.

apache2 -S logs:

[Mon Jan 16 16:09:10.287083 2017] [core:warn] [pid 16104] AH00111: Config variable ${APACHE_LOCK_DIR} is not defined
[Mon Jan 16 16:09:10.287698 2017] [core:warn] [pid 16104] AH00111: Config variable ${APACHE_PID_FILE} is not defined
[Mon Jan 16 16:09:10.288003 2017] [core:warn] [pid 16104] AH00111: Config variable ${APACHE_RUN_USER} is not defined
[Mon Jan 16 16:09:10.288220 2017] [core:warn] [pid 16104] AH00111: Config variable ${APACHE_RUN_GROUP} is not defined
[Mon Jan 16 16:09:10.288490 2017] [core:warn] [pid 16104] AH00111: Config variable ${APACHE_LOG_DIR} is not defined
[Mon Jan 16 16:09:10.293480 2017] [core:warn] [pid 16104:tid 140486280820608] AH00111: Config variable ${APACHE_LOG_DIR} is not defined
AH00526: Syntax error on line 74 of /etc/apache2/apache2.conf:
Invalid Mutex directory in argument file:${APACHE_LOCK_DIR}
Community
  • 1
  • 1
Honza Hejzl
  • 874
  • 8
  • 23
  • 1
    interesting is that you are losing session with a single backend, one would expect to see this behaviour you describe in a balancer. Interesting nonetheless. – Daniel Ferradal Jan 16 '17 at 13:28
  • At the moment, this host is one of two. The other one is a very simple static web served with Harp.js. – Honza Hejzl Jan 16 '17 at 13:35

2 Answers2

1

Try set proxy configuration into Location section

<VirtualHost *:80>
    ServerAdmin my@mail.com
    ServerName my-app.my-domain.com
    ProxyRequests off
    <Location />
        ProxyPass http://xx.xx.xx.xx:xxxx/exist/apps/my-app/
        ProxyPassReverse http://xx.xx.xx.xx:xxxx/exist/apps/my-app/
        ProxyPassReverseCookiePath http://my-app.my-domain.com
    </Location>
</VirtualHost>
dwaskowski
  • 415
  • 3
  • 9
  • Thank you! However, still works for Firefox, does not for IE. The last parameter for cookies has to have two or three args. I used the same as in my original config. – Honza Hejzl Jan 16 '17 at 15:50
1

The solution is: ProxyPassReverseCookiePath /exist /

I figured out that from checking cookie parameters shown via Firebug. The /exist part of URL was not in suspicion because it is rewritten by the controller and is not seen in the address bar.

JSESSIONID had path value /, log-in cookie /exist. Now they have both /.

Honza Hejzl
  • 874
  • 8
  • 23