Re: [EMAIL PROTECTED] set http header with mod_rewrite
On Wed, Jul 16, 2008 at 9:00 PM, Raphael Bauduin [EMAIL PROTECTED] wrote: if it is CGI -- are you able to read X_HOST variable then?
Re: [EMAIL PROTECTED] set http header with mod_rewrite
On Wed, Jul 16, 2008 at 6:33 PM, Raphael Bauduin [EMAIL PROTECTED] wrote: On Wed, Jul 16, 2008 at 2:54 PM, Severin Gehwolf [EMAIL PROTECTED] wrote: Hi! Here are more details: I have an apache server (front.example.com) configured as a reverse proxy, and requests are actually handled by apache servers not directly reachable from the outside. Those apache servers (back1listening on 10.0.0.1 and back2 on 10.0.0.2) are configured for doing virtual hosting. back1 serves pages for the websites www.example.com and www.test.com So www.example.com resolves to the IP of front.example.com, which will proxy the request to back1. But the Host header should be set as back1 also serves www.test.com. My current solution is to use mod_proxy with ProxyPass, ProxyPass / http://www.example.com/ ProxyPassReverse / http://www.example.com/ and an entry in /etc/hosts: 10.0.0.1www.example.com I hoped to be able to write something similar to RewriteRule (.*) http://10.0.0.1$1 [P, HEADER:Host=www.example.com] but no documentation seems to imply there's a way to do this. I'll be happy to take all advice you might have! Maybe, you should look at ProxyPreserveHost http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypreservehost Yes, thanks! Still curious to know if there's a way to set a header with RewriteRule though ;-) Raph Raph eg: RewriteRule ^/(.*)$ http://www/~me/printenv.cgi[L,P,E=remoteUser:%{LA-U:REMOTE_USER}] RequestHeader set X_REMOTE_USER %{remoteUser}e RequestHeader add X-H-USER %{remoteUser}e
[EMAIL PROTECTED] Re: tomcat, apache with mod_jk and mod_auth_kerb
On Mon, Jul 14, 2008 at 2:39 PM, Rainer Jung [EMAIL PROTECTED] wrote: First of all 5.5.12 is very outdated and also very early in the 5.5 release cycle. You need to add 'tomcatAuthentication=false' in the Connector element for your AJP connector. The connector you showed us above is - an https connector - a comment and not active At least two good reasons, why this is not the right one. The AJP Connector is the one, which uses port 8009 in the default configuration and which you can identify by 'protocol=AJP/1.3'. Regards, Rainer Oops.. here is the http connector line in my configuration: !-- Define a non-SSL HTTP/1.1 Connector on port 8080 -- Connector port=64080 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false redirectPort=8443 acceptCount=100 connectionTimeout=2 disableUploadTimeout=true / Thanks Rainer. I will try out the later releases.. may be tomcat6 itself. Nikhil
[EMAIL PROTECTED] Re: tomcat, apache with mod_jk and mod_auth_kerb
On Mon, Jul 14, 2008 at 4:22 PM, Nikhil [EMAIL PROTECTED] wrote: On Mon, Jul 14, 2008 at 2:39 PM, Rainer Jung [EMAIL PROTECTED] wrote: First of all 5.5.12 is very outdated and also very early in the 5.5 release cycle. You need to add 'tomcatAuthentication=false' in the Connector element for your AJP connector. The connector you showed us above is - an https connector - a comment and not active At least two good reasons, why this is not the right one. The AJP Connector is the one, which uses port 8009 in the default configuration and which you can identify by 'protocol=AJP/1.3'. Regards, Rainer Oops.. here is the http connector line in my configuration: !-- Define a non-SSL HTTP/1.1 Connector on port 8080 -- Connector port=64080 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false redirectPort=8443 acceptCount=100 connectionTimeout=2 disableUploadTimeout=true / Thanks Rainer. I will try out the later releases.. may be tomcat6 itself. Nikhil but still.. I do not get what is wrong with 5.5.12 and what could I do atleast in the httpd configuration that would get the kerberized apache authentication working in the tomcat apps. -- Nikhil Google is Great !
[EMAIL PROTECTED] Re: tomcat, apache with mod_jk and mod_auth_kerb
On Mon, Jul 14, 2008 at 5:00 PM, Rainer Jung [EMAIL PROTECTED] wrote: Again, the http connector is *not* what you need to edit, if you want to combine Tomcat with mod_jk or mod_proxy_ajp. It is the AJP connector. See my previous mail. You need to add tomcatAuthentication=false to that connector. Regards, Rainer I seem to get it, Rainer. But the thing is that with my installed tomcat-5.5.12 version and I do not have any already tomcatAuthentication directive (if I call it that way). Okay I get you want me to add, so this is what I edited the server.xml now !-- Define a SSL HTTP/1.1 Connector on port 8443 -- !-- Connector port=64083 maxHttpHeaderSize=8192 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false disableUploadTimeout=true acceptCount=100 scheme=https secure=true clientAuth=false sslProtocol=TLS / -- !-- Define an AJP 1.3 Connector on port 8009 -- Connector port=64089 enableLookups=false redirectPort=64083 tomcatAuthentication=false protocol=AJP/1.3 / !-- Define a Proxied HTTP/1.1 Connector on port 8082 -- !-- See proxy documentation for more information about using this. -- !-- Connector port=64082 maxThreads=150 minSpareThreads=25 maxSpareThreads=75 enableLookups=false acceptCount=100 connectionTimeout=2 proxyPort=80 disableUploadTimeout=true / -- After editing the change in the ajp connector, and restarting the tomcat, I still am not able to get the remote_user variable passed. I am using the following jsp installed under webapps/jsp-examples/readheaders.jsp to have the environment variables listed but with out any success.. %@ page language=java % %@ page import=java.util.Enumeration % h2HTTP Request Headers/h2 table border=0 cellspacing=1 cellpadding=2 trthName/th thValue/th /tr % // Get all HTTP request headers names/values Enumeration e1 = request.getHeaderNames(); while (e1.hasMoreElements()) { boolean doLoop = true; String name = ((String)e1.nextElement()).toUpperCase(); Enumeration e2 = request.getHeaders(name); while (e2.hasMoreElements()){ String value = (String)e2.nextElement(); % tr td class=gray%= name %/td td class=gray%= value %/td /tr % } } % -- Any suggestions? (Although I am still to try out the Tomcat6, but would prefer for fixing the existing installation unless there are any real problems in the tomcat version that I am using. Thanks, Nikhil
[EMAIL PROTECTED] Re: tomcat, apache with mod_jk and mod_auth_kerb
Rainer, I seem to have found a related link on this but this is really old pertaining to the older versions of Tomcat.. any suggestions please. http://marc.info/?t=10431829842r=1w=2
[EMAIL PROTECTED] Re: tomcat, apache with mod_jk and mod_auth_kerb
I tried out Tomcat6 too and added 'tomcatAuthentication=false' to the ajp connector but that still not work. :-( On Mon, Jul 14, 2008 at 7:15 PM, Nikhil [EMAIL PROTECTED] wrote: Rainer, I seem to have found a related link on this but this is really old pertaining to the older versions of Tomcat.. any suggestions please. http://marc.info/?t=10431829842r=1w=2 -- Nikhil Google is Great !