-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Chris,
On 11/1/13, 1:16 PM, Chris Arnold wrote: > Am 31.10.2013 20:30, schrieb Chris Arnold: >>> mod_rewrite is what's adding the extra /share/ RewriteRule >>> ^/(.*) https://192.168.123.3:8443/share/$1 [P] should be >>> something like either: RewriteRule ^/(.*) >>> https://192.168.123.3:8443/$1 [P] >> This takes me to the tomcat home page, / > If you want to be redirected to /share when the user typed /, you > could add a rewrite rule like RewriteRule ^/$ /share [R,L] This > will match only on "/". >> >>> or: RewriteRule ^/share/(.*) >>> https://192.168.123.3:8443/share/$1 [P] >> This one gives me a 403 access denied > > Here is a response from the apache list: <snip> what is happening > is when you go to https://share.example.com, Tomcat tries to > redirect you to /xxx/xxx/ If you go directly to > https://share.example.com/2ndpage/ then you get the login form, but > none of the resources (images, css) that should go along with it. > (I do not know why proxy is not working directly to the root, it > would probably be a lot of trouble to investigate.) > > In general, that is the point of ProxyPassReverse: to catch this > type of response and rewrite it. We did not look at that much, but > it could potentially solve the problem. I suspect it would need to > be something like (one or both, depending on exactly what is > happening) ProxyPassReverse / https://192.168.123.3:8443/xxx/ > ProxyPassReverse / https://share.example.com/xxx/ > > Another option is to look for a setting in Tomcat that would remove > /xxx. I don't know anything about alfresco, so I am not sure where > to start with that. > > A third option might be to use mod_jk instead of Proxy, but I don't > know exactly how to do that either. </snip> > > So i was not able to get any of those to work. So i moved to the > third option, mod_jk. It is loaded. I make the changes in my > vhost: #This rewrites https://share.anydomain.tld to our share > server RewriteEngine On RewriteCond %{HTTP_HOST} ^share\. > RewriteCond %{HTTPS} on RewriteRule ^/(.*) > ajp://192.168.123.3:8443/share/$1 [P] The above is not using mod_jk. If you are using mod_jk, then you are either using the "JkMount" directive, or the "SetHandler jk" directive. Anything else is using mod_proxy_(http|ajp). > This gives internal server error 500 when going to > https://share.example.com. Here are the apache logs: > > Fri Nov 01 12:49:32 2013] [notice] Apache/2.2.12 (Linux/SUSE) > mod_ssl/2.2.12 OpenSSL/0.9.8j-fips mod_jk/1.2.26 PHP/5.2.14 with > Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0 configured -- resuming > normal operations [Fri Nov 01 12:49:41 2013] [warn] proxy: No > protocol handler was valid for the URL /. If you are using a DSO > version of mod_proxy, make sure the proxy submodules are included > in the configuration using LoadModule. [Fri Nov 01 12:49:41 2013] > [warn] proxy: No protocol handler was valid for the URL > /error/HTTP_INTERNAL_SERVER_ERROR.html.var. If you are using a DSO > version of mod_proxy, make sure the proxy submodules are included > in the configuration using LoadModule. [Fri Nov 01 12:50:07 2013] > [warn] proxy: No protocol handler was valid for the URL > /share/page/. If you are using a DSO version of mod_proxy, make > sure the proxy submodules are included in the configuration using > LoadModule. [Fri Nov 01 12:50:07 2013] [warn] proxy: No protocol > handler was valid for the URL > /error/HTTP_INTERNAL_SERVER_ERROR.html.var. If you are using a DSO > version of mod_proxy, make sure the proxy submodules are included > in the configuration using LoadModule. [Fri Nov 01 12:50:07 2013] > [warn] proxy: No protocol handler was valid for the URL > /favicon.ico. If you are using a DSO version of mod_proxy, make > sure the proxy submodules are included in the configuration using > LoadModule. [Fri Nov 01 12:50:07 2013] [warn] proxy: No protocol > handler was valid for the URL > /error/HTTP_INTERNAL_SERVER_ERROR.html.var. If you are using a DSO > version of mod_proxy, make sure the proxy submodules are included > in the configuration using LoadModule. [Fri Nov 01 12:50:07 2013] > [warn] proxy: No protocol handler was valid for the URL > /favicon.ico. If you are using a DSO version of mod_proxy, make > sure the proxy submodules are included in the configuration using > LoadModule. [Fri Nov 01 12:50:07 2013] [warn] proxy: No protocol > handler was valid for the URL > /error/HTTP_INTERNAL_SERVER_ERROR.html.var. If you are using a DSO > version of mod_proxy, make sure the proxy submodules are included > in the configuration using LoadModule ... or not using anything at all. Only mod_proxy_ajp understands ajp:// URLs. > How can i get users to type in http://share.example.com and this > land on https://share.example.com/xxx/xxx? <VirtualHost ...> ServerName share.example.com RedirectPermanent / https://share.example.com/xxx/xxx? </VirtualHost> ? Honestly, I don't know why you don't just use a redirect instead of trying to modify requests in-flight. Redirects are easy and set everything up for the user with a single request/response without having to do all kinds of backflips. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJSdCJ9AAoJEBzwKT+lPKRYBd8QAKnEaoo0h6zV7N5tGSRGlEI9 EozedC5YCnUDKx6PqR7uNUaVTY9lGIwsXSeseI0uUqNzG7OVgMJkwNZcnqEEUvpQ 6e2zQpuf1prc6sUWvISWGmydd3NzoTZilPkGMigGQc94B+KPACZdIb8rTyVZ9wl7 OSHahwlK4YPH2xzrJbDCa8j6gFxqgTUQdZhMSH+TAGkCNNw/js/zQptFGxj96CjI +JsO16nk4O7EhGbVWtMT98p9BhM6gSwiM9JJO9tPqgOjCDUbTvmMbrhyUyJtI+dH EKXvmEthXdnFtecrdEMJAfn3nbaoCTXJFyaeVJfc3MDagVbfPtYQlO2NVBHpItDI jpGHjh10yr6sQCVBE7EZQZD/z2NL1OrnDw/C21ODZy+PRymzqmguSgu3f4JKgHHV OiRHHT1FeUgwjQdaal0CnBSOlxZSsi9rYs2dOnuViGgyiklxOgKvkl6hkl2NjkTW FqU25wRpHK++NCYRezha6PT1Ap0/ksJgV7deccIUYj9eEdkuR0ncxakpArteW/gx vOKkPu1qJ77S71ipaw6u0g2FlmOC/6EmCs99LFBGJ3PF0hPFSpa9SREaLwQpbKrG P5oH9qVgpmHtiK+MigkD7wHnVw2UR8AIsnzgJXz9W5anqmwU2x4dLXqQhXSguzDJ 6ugenqsbIQ5FyDX5i81A =D8vm -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
