Le 18/05/2021 à 22:26, vad...@gmail.com a écrit :
That format got even worse feedback and I would too :-). Lets try this one.
Have you looked at mod_macro?
CJ
ProxyPass /confluencenode1 http://nodecnf001:8092/confluencenode1
<http://nodecnf001:8092/confluencenode1>
ProxyPassReverse /confluencenode1 http://nodecnf001:8092/confluencenode1
<http://nodecnf001:8092/confluencenode1>
ProxyPass /confluencenode2 http://nodecnf002:8092/confluencenode2
<http://nodecnf002:8092/confluencenode2>
ProxyPassReverse /confluencenode2 http://nodecnf002:8092/confluencenode2
<http://nodecnf002:8092/confluencenode2>
ProxyPass /confluencenode3 http://nodecnf003:8092/confluencenode3
<http://nodecnf003:8092/confluencenode3>
ProxyPassReverse /confluencenode3 http://nodecnf003:8092/confluencenode3
<http://nodecnf003:8092/confluencenode3>
<Location /confluencenode1>
# Paths to bypass SSO
#<If "%{REQUEST_URI} =~ m#^/confluence\/rest\/#">
# Satisfy Any
#</If>
<If "%{REQUEST_URI} =~
m#^/(confluencenode1/rest/|confluencenode1/s/).*#">
Satisfy Any
</If>
Order allow,deny
Allow from all
AuthType Shibboleth
Header set X-Forwarded-Proto "https"
ShibUseHeaders On
ShibRequestSetting requireSession true
<RequireAny>
Require shib-attr AuthType "standard, x509, securePlus2,
securePlus3, piv"
Require shib-attr AppAuth true
</RequireAny>
</Location>
<Location /confluencenode2>
# Paths to bypass SSO
#<If "%{REQUEST_URI} =~ m#^/confluence\/rest\/#">
# Satisfy Any
#</If>
<If "%{REQUEST_URI} =~
m#^/(confluencenode2/rest/|confluencenode2/s/).*#">
Satisfy Any
</If>
Order allow,deny
Allow from all
AuthType Shibboleth
Header set X-Forwarded-Proto "https"
ShibUseHeaders On
ShibRequestSetting requireSession true
<RequireAny>
Require shib-attr AuthType "standard, x509, securePlus2,
securePlus3, piv"
Require shib-attr AppAuth true
</RequireAny>
</Location>
<Location /confluencenode3>
# Paths to bypass SSO
#<If "%{REQUEST_URI} =~ m#^/confluence\/rest\/#">
# Satisfy Any
#</If>
<If "%{REQUEST_URI} =~
m#^/(confluencenode3/rest/|confluencenode3/s/).*#">
Satisfy Any
</If>
Order allow,deny
Allow from all
AuthType Shibboleth
Header set X-Forwarded-Proto "https"
ShibUseHeaders On
ShibRequestSetting requireSession true
<RequireAny>
Require shib-attr AuthType "standard, x509, securePlus2,
securePlus3, piv"
Require shib-attr AppAuth true
</RequireAny>
</Location>
On Tue, May 18, 2021 at 3:33 PM <vad...@gmail.com
<mailto:vad...@gmail.com>> wrote:
Sorry the output was not clean. Trying a different format
1. ProxyPass /confluencenode1
http://nodecnf001:8092/confluencenode1
<http://nodecnf001:8092/confluencenode1>
2. ProxyPassReverse /confluencenode1
http://nodecnf001:8092/confluencenode1
<http://nodecnf001:8092/confluencenode1>
3. ProxyPass /confluencenode2
http://nodecnf002:8092/confluencenode2
<http://nodecnf002:8092/confluencenode2>
4. ProxyPassReverse /confluencenode2
http://nodecnf002:8092/confluencenode2
<http://nodecnf002:8092/confluencenode2>
5. ProxyPass /confluencenode3
http://nodecnf003:8092/confluencenode3
<http://nodecnf003:8092/confluencenode3>
6. ProxyPassReverse /confluencenode3
http://nodecnf003:8092/confluencenode3
<http://nodecnf003:8092/confluencenode3>
7.
8. <Location /confluencenode1>
9. # Paths to bypass SSO
10. #<If "%{REQUEST_URI} =~ m#^/confluence\/rest\/#">
11. # Satisfy Any
12. #</If>
13. <If "%{REQUEST_URI} =~
m#^/(confluencenode1/rest/|confluencenode1/s/).*#">
14. Satisfy Any
15. </If>
16. Order allow,deny
17. Allow from all
18. AuthType Shibboleth
19. Header set X-Forwarded-Proto "https"
20. ShibUseHeaders On
21. ShibRequestSetting requireSession true
22. <RequireAny>
23. Require shib-attr AuthType "standard, x509, securePlus2,
securePlus3, piv"
24. Require shib-attr AppAuth true
25. </RequireAny>
26. </Location>
27. <Location /confluencenode2>
28. # Paths to bypass SSO
29. #<If "%{REQUEST_URI} =~ m#^/confluence\/rest\/#">
30. # Satisfy Any
31. #</If>
32. <If "%{REQUEST_URI} =~
m#^/(confluencenode2/rest/|confluencenode2/s/).*#">
33. Satisfy Any
34. </If>
35. Order allow,deny
36. Allow from all
37. AuthType Shibboleth
38. Header set X-Forwarded-Proto "https"
39. ShibUseHeaders On
40. ShibRequestSetting requireSession true
41. <RequireAny>
42. Require shib-attr AuthType "standard, x509, securePlus2,
securePlus3, piv"
43. Require shib-attr AppAuth true
44. </RequireAny>
45. </Location>
46. <Location /confluencenode3>
47. # Paths to bypass SSO
48. #<If "%{REQUEST_URI} =~ m#^/confluence\/rest\/#">
49. # Satisfy Any
50. #</If>
51. <If "%{REQUEST_URI} =~
m#^/(confluencenode3/rest/|confluencenode3/s/).*#">
52. Satisfy Any
53. </If>
54. Order allow,deny
55. Allow from all
56. AuthType Shibboleth
57. Header set X-Forwarded-Proto "https"
58. ShibUseHeaders On
59. ShibRequestSetting requireSession true
60. <RequireAny>
61. Require shib-attr AuthType "standard, x509, securePlus2,
securePlus3, piv"
62. Require shib-attr AppAuth true
63. </RequireAny>
64. </Location>
65.
So I like to see if I can get only one Location stanza with only one
REQUEST_URI and maybe one ProxyPass and one ProxyPassReverse for all
three nodes
On Tue, May 18, 2021 at 2:29 PM <vad...@gmail.com
<mailto:vad...@gmail.com>> wrote:
Hi All,
I have this config and it works fine. Looking for a way to
consolidate it. I tried few things and no success yet.
ProxyPass /confluencenode1
http://nodecnf001:8092/confluencenode1
<http://nodecnf001:8092/confluencenode1>
ProxyPassReverse /confluencenode1
http://nodecnf001:8092/confluencenode1
<http://nodecnf001:8092/confluencenode1>
ProxyPass /confluencenode2
http://nodecnf002:8092/confluencenode2
<http://nodecnf002:8092/confluencenode2>
ProxyPassReverse /confluencenode2
http://nodecnf002:8092/confluencenode2
<http://nodecnf002:8092/confluencenode2>
ProxyPass /confluencenode3
http://nodecnf003:8092/confluencenode3
<http://nodecnf003:8092/confluencenode3>
ProxyPassReverse /confluencenode3
http://nodecnf003:8092/confluencenode3
<http://nodecnf003:8092/confluencenode3>
<Location /confluencenode1>
# Paths to bypass SSO
#<If "%{REQUEST_URI} =~ m#^/confluence\/rest\/#">
# Satisfy Any
#</If>
<If "%{REQUEST_URI} =~
m#^/(confluencenode1/rest/|confluencenode1/s/).*#">
Satisfy Any
</If>
Order allow,deny
Allow from all
AuthType Shibboleth
Header set X-Forwarded-Proto "https"
ShibUseHeaders On
ShibRequestSetting requireSession true
<RequireAny>
Require shib-attr AuthType "standard, x509, securePlus2,
securePlus3, piv"
Require shib-attr AppAuth true
</RequireAny>
</Location>
<Location /confluencenode2>
# Paths to bypass SSO
#<If "%{REQUEST_URI} =~ m#^/confluence\/rest\/#">
# Satisfy Any
#</If>
<If "%{REQUEST_URI} =~
m#^/(confluencenode2/rest/|confluencenode2/s/).*#">
Satisfy Any
</If>
Order allow,deny
Allow from all
AuthType Shibboleth
Header set X-Forwarded-Proto "https"
ShibUseHeaders On
ShibRequestSetting requireSession true
<RequireAny>
Require shib-attr AuthType "standard, x509, securePlus2,
securePlus3, piv"
Require shib-attr AppAuth true
</RequireAny>
</Location>
<Location /confluencenode3>
# Paths to bypass SSO
#<If "%{REQUEST_URI} =~ m#^/confluence\/rest\/#">
# Satisfy Any
#</If>
<If "%{REQUEST_URI} =~
m#^/(confluencenode3/rest/|confluencenode3/s/).*#">
Satisfy Any
</If>
Order allow,deny
Allow from all
AuthType Shibboleth
Header set X-Forwarded-Proto "https"
ShibUseHeaders On
ShibRequestSetting requireSession true
<RequireAny>
Require shib-attr AuthType "standard, x509, securePlus2,
securePlus3, piv"
Require shib-attr AppAuth true
</RequireAny>
</Location>
Thanks
--
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu <http://pgp.mit.edu>
A: Because it messes up the order in which people normally read
text.
Q: Why is top-posting such a bad thing?
--
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu <http://pgp.mit.edu>
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
--
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu <http://pgp.mit.edu>
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
