Hi.
On 28.06.2018 11:55, Sandels Mark (RTH) OUH wrote:
[.. snip ..]
I am using the Apache http service as a proxy. I have configured the Apache
httpd.conf file to listen to client requests on port 8000.
Well no, according to the confiuration below, you are not at all using Apache httpd as a
proxy.
E.g.
...
#LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
#LoadModule proxy_express_module modules/mod_proxy_express.so
#LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
#LoadModule proxy_html_module modules/mod_proxy_html.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
#LoadModule proxy_http2_module modules/mod_proxy_http2.so
#LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
#LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so
#LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
...
All the Apache httpd modules which /would/ allow some kind of proxying are commented out,
thus not even loaded.
As a minimum for acting as a proxy, the following 2 should be uncommented :
> #LoadModule proxy_module modules/mod_proxy.so
> #LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
#DocumentRoot "c:/Apache24/htdocs"
#<Directory "c:/Apache24/htdocs">
DocumentRoot "C:\Program Files (x86)\apache-tomcat-9.0.6\webapps"
<Directory "C:\Program Files (x86)\apache-tomcat-9.0.6\webapps">
What you are doing here, and which may make it /look/ like you are proxying, is
:
You are telling (and allowing) the Apache httpd front-end, to serve itself directly
whatever is in the tomcat webapps directory (without involving tomcat at all).
In other words, when a client requests a tomcat page (html, jsp, whatever) Apache httpd
goes /around/ tomcat, and returns this file directly to the browser, without any Java
processing at all. Tomcat does not even see that this is happening.
(And also, any kind of security that may be built into your tomcat application, is totally
bypassed.)
You can probably see this if you examine the tomcat logfiles : I bet that you will not see
any kind of access to the tomcat pages or webapps.
And see the warning in red here :
http://tomcat.apache.org/connectors-doc/reference/apache.html
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
