[users@httpd] Re: mod_proxy ProxyPassReverse incorrectly adjusting Location header in redirect?

2012-04-12 Thread Charlie Katz 
Rainer Frey  inxmail.de> writes:
> So the result of ProxyPassReverse will *always* be a URL within the current 
VHost, but you need to send a
> redirect to your other, non-SSL VHost.
> 

> Another idea is using mod_headers to process the Location header in the proxy 
response. But I'm not sure
> that will work, depending on how Apache will chain mod_proxy and mod_headers 
in that case.

> This is the misunderstanding. The URL as second argument to the 
ProxyPassReverse directive is *not* used
> in the response in any way, it is only used to match a location header 
returned by a proxy backend to
> determine if and what to replace. The replacement is always the current host 
URL.


Excellent, you pinpointed my confusion exactly.  I misunderstood
ProxyPassReverse to be a URL rewriting rule for the response
headers, including the protocol part of the URL.  I went and
played with the mod_proxy source to see what actually happens and
saw that the protocol to use in fixing the Location header is
determined by ap_http_scheme(), not from what is listed in the
ProxyPassReverse directive.  Without delving deeper into the
code, I assume this is what you are explaining to me, that the
protocol will always be that of the current VHost.

In my case, since I am reverse-proxying the entire site, I can just remove the 
ProxyPassReverse directives and use mod_headers like you suggest, globally 
applying

   Header edit Location internal.example.com www.example.com

This is working great.


Thanks very much for helping me get straightened out!

Charlie


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Alias based on IP address

2012-04-12 Thread Paulo Silva 
Hi,

Inside a virtualhost is it possible to define an Alias based on the IP of
the incoming request?

Thanks for any answer
-- 
Paulo Silva

Re: [users@httpd] mod_proxy ProxyPassReverse incorrectly adjusting Location header in redirect?

2012-04-12 Thread Rainer Frey 
On 12.04.2012, at 09:17, Igor Cicimov wrote:

>> On Thu, Apr 12, 2012 at 4:32 PM, Rainer Frey  wrote:
>> 
>> > Where did you get the idea that you can mix protocols in the reverse proxy 
>> > commands from?
>> >
>> > This doesn't [make sense]:
>> >   ProxyPass / https://internal.example.com/
>> >   ProxyPassReverse / http://internal.example.com/
>> 
>> That is wrong.
> No it's not wrong

Your above statement is definitely not correct. You *can* and sometimes *must* 
mix protocols between ProxyPass and ProxyPassReverse. The only thing a working 
ProxyPassReverse directive needs to match is the redirect URLs that a proxy 
backend returns. Apart from the fact that it only applies to responses from 
proxied backends, it has /nothing/ to do with the value in any ProxyPass 
directive. You don't even need a ProxyPass directive, it also applies to 
mod_rewrite [P] triggered proxy passing.
This is a very common misunderstanding, and should not be left in the mailing 
list archive without explanation.

>> It does not do what the OP expected, but it is definitely possible to do 
>> that, if the backend sends non-HTTPS redirects even though it was accessed 
>> via HTTPS.
> I'm just pointing that it can't be done via mod_proxy as OP expects to, which 
> was his question exactly.

That's right, but for completely different reasons. He can't change the 
redirect to non-SSL via ProxyPassReverse, because (and only because) the 
relevant ProxyPassReverse directive is within an SSL virtual host.

Rainer


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] 302 http status code after setting the redirects

2012-04-12 Thread Daniel Gruno 
On 12-04-2012 10:19, aparna Puram wrote:
> Hello All,
>
> We have implemented the redirects from http to https
>
> RewriteEngine On
> RewriteCond %{HTTPS} off
> RewriteRule (.*) https://dnsname.com%{REQUEST_URI}
>
> this server can be accessing using 3 different names.
>
> localhostname
> and there are 2dns names for accessing the server.
>
> After implementing this we are seeing the following 302 status codes
> in the access logs
>
> Ipadrress - - [12/Apr/2012:12:04:55 +0200] "GET
> //readData.pl?IPBName=IPB_64 HTTP/1.1" 302 279 "-"
> "Java/1.5.0_17" 0
>
>
> Can any one please let me know what could be causing the issue?
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
A 302 status code is simply the redirect status code given due to your
rewrite rule.
See http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html (section
10.3) for an explanation on 3xx status codes.
If your site works as expected, I wouldn't pay any attention to it :)

With regards,
Daniel.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] 302 http status code after setting the redirects

2012-04-12 Thread aparna Puram 
Hello All,

We have implemented the redirects from http to https

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://dnsname.com%{REQUEST_URI}

this server can be accessing using 3 different names.

localhostname
and there are 2dns names for accessing the server.

After implementing this we are seeing the following 302 status codes
in the access logs

Ipadrress - - [12/Apr/2012:12:04:55 +0200] "GET
//readData.pl?IPBName=IPB_64 HTTP/1.1" 302 279 "-"
"Java/1.5.0_17" 0


Can any one please let me know what could be causing the issue?

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] mod_proxy ProxyPassReverse incorrectly adjusting Location header in redirect?

2012-04-12 Thread Igor Cicimov 
>
>
>
On Thu, Apr 12, 2012 at 4:32 PM, Rainer Frey  wrote:

>
> On 12.04.2012, at 07:57, Igor Cicimov wrote:
>
> > Where did you get the idea that you can mix protocols in the reverse
> proxy commands from?
> >
> > This makes sense:
> >   ProxyPass / http://internal.example.com/
> >   ProxyPassReverse / http://internal.example.com/
> >
> > This doesn't:
> >   ProxyPass / https://internal.example.com/
> >   ProxyPassReverse / http://internal.example.com/
>
> That is wrong. It does not do what the OP expected, but it is definitely
> possible to do that, if the backend sends non-HTTPS redirects even though
> it was accessed via HTTPS.
>
> The protocol of the result of the ProxyPassReverse is determined by the
> context of the virtual host in which these directives are placed though.
>
> Rainer
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>
No it's not wrong I'm just pointing that it can't be done via mod_proxy as
OP expects to, which was his question exactly.