u can investigate on the version. I have this: httpd-2.2.3-31 Please see at ssl.conf top: ================================================ LoadModule ssl_module modules/mod_ssl.so LoadFile /usr/lib/libxml2.so LoadModule proxy_html_module modules/mod_proxy_html.so LoadModule xml2enc_module modules/mod_xml2enc.so ================================================
have u load this module? 2010/4/22 GB GB <gbcy...@gmail.com> > The version I am using is > Server version: Apache/2.0.54 > Server built: Sep 23 2005 15:28:48 > > ProxyHTMLURLMap doesn't work with what I am using..... > > > On Thu, Apr 22, 2010 at 8:32 AM, Mauri <lai...@gmail.com> wrote: > > Hi GB. > > > > I have a similar solution. > > > > Client --> https://mysite.com --> proxy --> http://backend. > > > > the url in the client broswer is https://mysite.com. > > > > this is my /etc/httpd/conf.d/ssl.conf: > > > > > > > > LoadModule ssl_module modules/mod_ssl.so > > LoadFile /usr/lib/libxml2.so > > LoadModule proxy_html_module modules/mod_proxy_html.so > > LoadModule xml2enc_module modules/mod_xml2enc.so > > Listen 443 > > AddType application/x-x509-ca-cert .crt > > AddType application/x-pkcs7-crl .crl > > SSLPassPhraseDialog builtin > > SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000) > > SSLSessionCacheTimeout 300 > > SSLMutex default > > SSLRandomSeed startup file:/dev/urandom 256 > > SSLRandomSeed connect builtin > > SSLCryptoDevice builtin > > > > NameVirtualHost mysite.com:443 > > <VirtualHost mysite.com:443> > > ServerName mysite.com > > ProxyRequests off > > ProxyPass / https://10.173.90.167:8443/ > > ProxyHTMLURLMap https://10.173.90.167:8443 / > > <Location /> > > ProxyPassReverse https://10.173.90.167:8443/ > > ProxyHTMLEnable On > > ProxyHTMLURLMap / / > > RequestHeader unset Accept-Encoding > > </Location> > > > > SSLEngine on > > SSLProxyEngine on > > SSLProtocol all -SSLv2 > > SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW > > SSLCertificateFile /etc/httpd/cert/IT_Global_Alternative.cer > > SSLCertificateKeyFile /etc/httpd/cert/IT_Global_Alternative.key > > SSLCertificateChainFile /etc/httpd/cert/IT_Global_CA.cer > > > > <Files ~ "\.(cgi|shtml|phtml|php3?)$"> > > SSLOptions +StdEnvVars > > </Files> > > <Directory "/var/www/cgi-bin"> > > SSLOptions +StdEnvVars > > </Directory> > > SetEnvIf User-Agent ".*MSIE.*" \ > > nokeepalive ssl-unclean-shutdown \ > > downgrade-1.0 force-response-1.0 > > CustomLog logs/ssl_request_log \ > > "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" > > </VirtualHost> > > > > > > > > > > > > > > 2010/4/22 GB GB <gbcy...@gmail.com> > >> > >> Basically what goes on when the user types in https://mydomain.com/lsw > >> he gets an authentification page from the backend application. Once he > >> enters his credentials, I notice a POST in the apache logs. > >> > >> This is what the user types in: > >> https://mydomain.com/lsw/clientele/gen/authentification.jsp > >> he enters his credentials, then a POST appears in the log : > >> POST /lsw/clientele/gen/authentification.jsp HTTP/1.1" 302 > >> > >> and in the browser I get the following: The connection has timed out > >> > >> > >> > http://backend2.ca/lsw/clientele/ses/pagePersonnelle.jsp?Mouftah=VXV744A9SVZMU9P > >> > >> the above link doesn't work because its http rather than https!! > >> > >> If I add the "s" manually > >> > >> > https://backend2.ca/lsw/clientele/ses/pagePersonnelle.jsp?Mouftah=VXV744A9SVZMU9P > >> then it works. > >> > >> 1)So how can I force the protocole to remain https once the client > >> does a POST..... > >> 2)I have noticed in many examples that people use PreserveHost on, in > >> my case, if activate > >> PreserveHost on then I cant even get the first page to work: > >> > >> Thx in advance > >> > >> > >> > >> > >> On Wed, Apr 21, 2010 at 4:56 AM, Krist van Besien > >> <krist.vanbes...@gmail.com> wrote: > >> > On Tue, Apr 20, 2010 at 6:41 PM, GB GB <gbcy...@gmail.com> wrote: > >> > > >> > > >> > > >> >> #this for some reason becomes http from client perspective > >> >> #PreserveHost on does not work with lsw, so I disabled it.... > >> >> RewriteRule ^/lsw(.*)$ http://backend2.ca:8082/lsw$1 > >> >> [NC,P,L] > >> >> ProxyPassReverse /lsw http://backend2.ca:8082/lsw > >> >> Redirect permanent /lsw https://mydomain.com/lsw > >> > > >> > First of all: Remove the "Redirect Permanent". It's not needed (as > >> > this virtualhost only gets https requests anyway) and confuses. If you > >> > want to make sure that people who accidentaly land on the http site > >> > get redirected to https you need to put a redirect in the http virtual > >> > host. > >> > > >> > Secondly: Look at what your backend produces. It is very well possible > >> > that it passes html pages back to the client that contain http:// > >> > style URLs. RewriteRule only operates on request URLs, > >> > ProxyPassReverse only on redirects passed back. The content passed > >> > back by the backend is not modified. > >> > > >> > HTH, > >> > > >> > Krist > >> > > >> > -- > >> > krist.vanbes...@gmail.com > >> > kr...@vanbesien.org > >> > Bremgarten b. Bern, Switzerland > >> > -- > >> > A: It reverses the normal flow of conversation. > >> > Q: What's wrong with top-posting? > >> > A: Top-posting. > >> > Q: What's the biggest scourge on plain text email discussions? > >> > > >> > --------------------------------------------------------------------- > >> > The official User-To-User support forum of the Apache HTTP Server > >> > Project. > >> > See <URL:http://httpd.apache.org/userslist.html> for more info. > >> > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > >> > " from the digest: users-digest-unsubscr...@httpd.apache.org > >> > For additional commands, e-mail: users-h...@httpd.apache.org > >> > > >> > > >> > >> --------------------------------------------------------------------- > >> The official User-To-User support forum of the Apache HTTP Server > Project. > >> See <URL:http://httpd.apache.org/userslist.html> for more info. > >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > >> " from the digest: users-digest-unsubscr...@httpd.apache.org > >> For additional commands, e-mail: users-h...@httpd.apache.org > >> > > > > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >
