Sorry the output was not clean. Trying a different format 1. ProxyPass /confluencenode1 http://nodecnf001:8092/confluencenode1 2. ProxyPassReverse /confluencenode1 http://nodecnf001:8092/confluencenode1 3. ProxyPass /confluencenode2 http://nodecnf002:8092/confluencenode2 4. ProxyPassReverse /confluencenode2 http://nodecnf002:8092/confluencenode2 5. ProxyPass /confluencenode3 http://nodecnf003:8092/confluencenode3 6. ProxyPassReverse /confluencenode3 http://nodecnf003:8092/confluencenode3 7. 8. <Location /confluencenode1> 9. # Paths to bypass SSO 10. #<If "%{REQUEST_URI} =~ m#^/confluence\/rest\/#"> 11. # Satisfy Any 12. #</If> 13. <If "%{REQUEST_URI} =~ m#^/(confluencenode1/rest/|confluencenode1/s/).*#"> 14. Satisfy Any 15. </If> 16. Order allow,deny 17. Allow from all 18. AuthType Shibboleth 19. Header set X-Forwarded-Proto "https" 20. ShibUseHeaders On 21. ShibRequestSetting requireSession true 22. <RequireAny> 23. Require shib-attr AuthType "standard, x509, securePlus2, securePlus3, piv" 24. Require shib-attr AppAuth true 25. </RequireAny> 26. </Location> 27. <Location /confluencenode2> 28. # Paths to bypass SSO 29. #<If "%{REQUEST_URI} =~ m#^/confluence\/rest\/#"> 30. # Satisfy Any 31. #</If> 32. <If "%{REQUEST_URI} =~ m#^/(confluencenode2/rest/|confluencenode2/s/).*#"> 33. Satisfy Any 34. </If> 35. Order allow,deny 36. Allow from all 37. AuthType Shibboleth 38. Header set X-Forwarded-Proto "https" 39. ShibUseHeaders On 40. ShibRequestSetting requireSession true 41. <RequireAny> 42. Require shib-attr AuthType "standard, x509, securePlus2, securePlus3, piv" 43. Require shib-attr AppAuth true 44. </RequireAny> 45. </Location> 46. <Location /confluencenode3> 47. # Paths to bypass SSO 48. #<If "%{REQUEST_URI} =~ m#^/confluence\/rest\/#"> 49. # Satisfy Any 50. #</If> 51. <If "%{REQUEST_URI} =~ m#^/(confluencenode3/rest/|confluencenode3/s/).*#"> 52. Satisfy Any 53. </If> 54. Order allow,deny 55. Allow from all 56. AuthType Shibboleth 57. Header set X-Forwarded-Proto "https" 58. ShibUseHeaders On 59. ShibRequestSetting requireSession true 60. <RequireAny> 61. Require shib-attr AuthType "standard, x509, securePlus2, securePlus3, piv" 62. Require shib-attr AppAuth true 63. </RequireAny> 64. </Location> 65.
So I like to see if I can get only one Location stanza with only one REQUEST_URI and maybe one ProxyPass and one ProxyPassReverse for all three nodes On Tue, May 18, 2021 at 2:29 PM <vad...@gmail.com> wrote: > Hi All, > > I have this config and it works fine. Looking for a way to consolidate it. > I tried few things and no success yet. > > ProxyPass /confluencenode1 http://nodecnf001:8092/confluencenode1 > ProxyPassReverse /confluencenode1 http://nodecnf001:8092/confluencenode1 > ProxyPass /confluencenode2 http://nodecnf002:8092/confluencenode2 > ProxyPassReverse /confluencenode2 http://nodecnf002:8092/confluencenode2 > ProxyPass /confluencenode3 http://nodecnf003:8092/confluencenode3 > ProxyPassReverse /confluencenode3 http://nodecnf003:8092/confluencenode3 > <Location /confluencenode1> > # Paths to bypass SSO > #<If "%{REQUEST_URI} =~ m#^/confluence\/rest\/#"> > # Satisfy Any > #</If> > <If "%{REQUEST_URI} =~ m#^/(confluencenode1/rest/|confluencenode1/s/).*#"> > Satisfy Any > </If> > Order allow,deny > Allow from all > AuthType Shibboleth > Header set X-Forwarded-Proto "https" > ShibUseHeaders On > ShibRequestSetting requireSession true > <RequireAny> > Require shib-attr AuthType "standard, x509, securePlus2, securePlus3, piv" > Require shib-attr AppAuth true > </RequireAny> > </Location> > <Location /confluencenode2> > # Paths to bypass SSO > #<If "%{REQUEST_URI} =~ m#^/confluence\/rest\/#"> > # Satisfy Any > #</If> > <If "%{REQUEST_URI} =~ m#^/(confluencenode2/rest/|confluencenode2/s/).*#"> > Satisfy Any > </If> > Order allow,deny > Allow from all > AuthType Shibboleth > Header set X-Forwarded-Proto "https" > ShibUseHeaders On > ShibRequestSetting requireSession true > <RequireAny> > Require shib-attr AuthType "standard, x509, securePlus2, securePlus3, piv" > Require shib-attr AppAuth true > </RequireAny> > </Location> > <Location /confluencenode3> > # Paths to bypass SSO > #<If "%{REQUEST_URI} =~ m#^/confluence\/rest\/#"> > # Satisfy Any > #</If> > <If "%{REQUEST_URI} =~ m#^/(confluencenode3/rest/|confluencenode3/s/).*#"> > Satisfy Any > </If> > Order allow,deny > Allow from all > AuthType Shibboleth > Header set X-Forwarded-Proto "https" > ShibUseHeaders On > ShibRequestSetting requireSession true > <RequireAny> > Require shib-attr AuthType "standard, x509, securePlus2, securePlus3, piv" > Require shib-attr AppAuth true > </RequireAny> > </Location> > > Thanks > > -- > Asif Iqbal > PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu > A: Because it messes up the order in which people normally read text. > Q: Why is top-posting such a bad thing? > > -- Asif Iqbal PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
