Location header rewriting needed
March 29, 2012 05:59AM
Hi,

currently we run Apache to proxy requests to Java servers running on different machines, but we need to rewrite the header of the requests, means we need a replacement for ProxyPassReverse. Any idea how to do that? Current setup looks like that:


<VirtualHost *:80>
ServerAdmin <admin_mail_here>
ServerName <local_server_domain>

RewriteEngine on
RewriteCond %{SERVER_PORT} !=443
RewriteCond %{REQUEST_URI} !^/rpc
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [NC,R=301,L]

ProxyPass /rpc http://<local_server_ip>:7777/rpc
ProxyPassReverse /rpc http://<local_server_ip>:7777/rpc

</VirtualHost>

Listen <local_server_ip>:443
<VirtualHost <local_server_ip>:443>
ServerAdmin <admin_mail_here>
ServerName <local_server_domain>

SSLEngine On
SSLCertificateFile /etc/apache2/ssl/<certificate_name>.crt
SSLCertificateKeyFile /etc/apache2/ssl/<certificate_name.key
SSLCipherSuite ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

ProxyPass /server1 http://<server1_ip>:7777
ProxyPassReverse /server1 http://<server1_ip>:7777

ProxyPass /server2 http://<server2_ip>:7777
ProxyPassReverse /server2 http://<server2_ip>:7777

ProxyPass /rpc http://<local_server_ip>:7777/rpc
ProxyPassReverse /rpc http://<local_server_ip>:7777/rpc

ProxyPass /rpc !
ProxyPass /server1 !
ProxyPass /server2 !

ProxyPass / http://<local_server_ip>:7777/
ProxyPassReverse / http://<local_server_ip>:7777/
</VirtualHost>
Re: Location header rewriting needed
March 29, 2012 09:35AM
Some more information. I now setup a config for Nginx similar to Apache, however it behaves different. The Apache will return the content from the backend server directly, while Nginx ends in an endless loop static "too many redirects" on the browser side at the end. Furthermore I noticed that when I curl -i it I get a "Location" with the URL which I actually try to access in response. The developer of the application told me that he is working with some redirects, but in his tests it always worked with the above Apache configuration.

Here is what I have in the http section of the config file:


# proxy settings
proxy_redirect off;

#client_max_body_size 10m;
client_body_buffer_size 128k;

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_max_temp_file_size 0;

proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;

proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;

Here is how the actual replacement for the above Apache configuration looks like:


server {
listen <local_server_ip>;
server_name <local_server_domain>;

location / {
rewrite ^ https://$server_name$request_uri? permanent;
}

location /rpc {
proxy_pass http://<local_server_ip>:7777/rpc;
}
}

server {
listen <local_server_ip>:443;
server_name <local_server_domain>;

ssl on;
ssl_certificate /etc/nginx/ssl/<certificate_name>.chained.crt;
ssl_certificate_key /etc/nginx/ssl/<certificate_name>.key;

location / {
proxy_pass http://<server1_ip>:7777
}

location /server1 {
proxy_pass http://<server1_ip>:7777;
}

location /server2 {
proxy_pass http://<server2_ip>:7777;
}
}
Re: Location header rewriting needed
March 29, 2012 02:38PM
Some further information: When the Nginx config is running I get 302 FOUND response with the location header as an anwser. However the location answer is pointing to the local domain, means the proxy itself and therefore is looping.
Re: Location header rewriting needed
December 18, 2012 01:26PM
After some time I found what's causing the problem. A trailing slash was missing on the URI part:

location / {
proxy_pass http://<server1_ip>:7777
}

location /server1/ {
proxy_pass http://<server1_ip>:7777/;
}

location /server2/ {
proxy_pass http://<server2_ip>:7777/;
}

However the next problem is that due to the slash "+" characters in my URI get converted to %2b, which the backend doesn't understand. I know the solution would be to to remove the trailing slash after the 7777, however that causes the backend to not work properly either as the server is redirecting me to the main server instead of processing the request himself.

It there any other way to prevent the URI decoding/processing?
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 70
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready