Hi Rainer, On Mon, 02 Aug 2010 10:00:57 +0200, Rainer Jung <rainer.j...@kippdata.de> wrote: > On 02.08.2010 06:31, Leon Kolchinsky wrote: >> Hello, >> >> I've configured Tomcat (apache-tomcat-5.5.26) to run behind Apache Http >> (v.2.2.3 ) using mod_jk. >> >> We have 2 of those Tomcat servers running on different machines. >> We also configured load balancer (CISCO CSM) which we want to use for SSL >> offloading and LB. >> >> Load balancer serves https requests and forwards them to http (on the >> above >> servers). >> >> The problem is that links given by apache - the generated html pages (by >> Sakai app.) appeared to include http://.... >> And this is a major problem since we can't even serve forms from https >> URL's >> (the URL of the page is https://..... but links inside the HTML page >> itself >> are from http://.... format) >> >> I've been thinking to try to resolve this with ProxyHTMLURLMAp >> (mod_proxy_html) but I have no experience with this module. >> >> Can someone give me a sample syntax that I can try to include in my vhost >> configuration? >> >> Below is my virt. host configuration: >> NameVirtualHost *:80 >> >> <VirtualHost *:80> >> ServerName servername.com >> ServerAdmin leo...@servername.com >> ServerAlias sakai-server >> >> # if not specified, the global error log is used >> ErrorLog /var/log/httpd/servername.com-error_log >> CustomLog /var/log/httpd/servername.com-access_log combined >> HostnameLookups Off >> UseCanonicalName Off >> >> # Add index.jsp to DirectoryIndex files >> DirectoryIndex index.php index.html index.htm index.shtml index.php4 >> index.php3 index.phtml index.cgi index.jsp >> >> JkMount /* worker1 > > It might be worthwhile finding out, why sakai produces wrong links. E.g.
> if you are using mod_jk to connect Apache to Tomcat, and you are talking > HTTPS to Apache, then the calls the isSecure(), getScheme(), > getProtocol() will return the information as seen by Apache, so the > webapp is able to find out that https is used and it seems to be a bug > in sakai. as I understood the issue, the problems arise from using a loadbalancer in front of the apache httpd servers, which are using mod_jk to communicate with the tomcats. The loadbalancers are terminating the ssl connection and presumably changing hostnames too. But given the documentation link you gave below, it should be easy to configure the vhost in apache httpd (or two - one for ssl, one for non-ssl traffic) by setting JkEnvVar for scheme, hostname and port if necessary. If I read http://tomcat.apache.org/tomcat-6.0-doc/config/ajp.html correctly, one could use proxyPort, proxyName and scheme in the ajp-connector. Bye Felix > > See for instance: > > http://tomcat.apache.org/connectors-doc/generic_howto/proxy.html > > If you are using http between Apache and Tomcat (not AJP13), then there > are connector settings for Tomcat to let the webapp know, that you are > actually using HTTPS on the proxy. > > If you can't fix it like this but instead really have to parse response > pages and replace links in them, three Apache module choices are > mod_proxy_html (which you already mentioned), mod_substitute and mod_sed. > > Regards, > > Rainer > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
