Enterprise portal access using reverse proxy using Apache and webdispatcher

Hi Guys,
As requirement, we need to give solution to customer about Reverse proxy scenario. I am new to this part.
What we have think of to use Apache and Web dispatcher.
I tried to search documents and found some sdn links also but still i am not comfortable to go about.
Need suggestion and document if anyone has used so far.reverse proxy.
As basis person, we need to do all ( Apache installation, Apache configuration, Web dispatcher installation and configuration, integration with EP.)
It will helpful to me if i can get Apache installation, Apache configuration part and integration with EP, or web dispatcher, configuration etc.
Thanks,
Deepak

We used Netscaler for Reverse Proxy implementation and can assure you that network team performed most of the set ups. This was on EP 7.01.
From BASIS stand point it would be primarily Web Dispatcher Configuration.
Also refer the links I specified in another thread. There are several scenarios discussed there -
Re: Post values for userid and passowrd fields in logon page
http://wiki.sdn.sap.com/wiki/display/BSP/Using+Proxies
~ Dhanz

Similar Messages

  • Unable to set session in Oracle Portal useing reverse proxy

    I have deployed a reverse proxy (using Oracle HTTP Server) in front of a Oracle Portal Install (version 10.1.2.0.2). The steps followed to set this up came from the following documents:
    Steps mentioned in Section 9.2 Configuring a Reverse Proxy for OracleAS Portal and OracleAS Single Sign-On for a reverse proxy on a Oracle HTTP Server.
    http://download-west.oracle.com/docs/cd/B14099_15/core.1012/b13998/variants.htm#ASTED005
    Also performed steps mentioned in -> Section 5.3.7 - Step 7: Enable Session Binding on OracleAS Web Cache of the Oracle® Application Server Portal Configuration Guide 10g Release 2 (10.1.2) -- B14037-03.
    My current (example names shown only)setup details are as follows:
    Reverse Proxy for SSO server (running on internal.oracle.com:7777): proxy.oracle.com:7777
    Reverse Proxy for Portal server (running on internal.oracle.com:7778): proxy.oracle.com:7778
    With the above steps completed, I can successfully use the http://proxy.oracle.com:7777/pls/orasso for login into SSO without any issues.
    Users get authenticated successfully.
    I can also use http://proxy.oracle.com:7778/pls/portal for viewing pages on the portal fine . All self referencing links have also been successfully modified to point to proxy.oracle.com:7778.
    However, an attempt to login in the portal is not successful. Clicking on the 'Login' link successfully redirects to the SSO login page (http://proxy.oracle.com:7777/<login-page>). However, after successful authentication, the success page fails to show up and the user gets shown the initial login portal home page again.
    There are no error messages shown on the screen.But it seems that user session is failing to be initiated/set correctly, as shown by the log file (in $PORTAL_ORACLE_HOME/j2ee/OC4J_Portal/application-deployments/portal/OC4J_Portal_default_island_1/application.log ):
    06/11/21 16:49:31 portal: [module=RepositoryServlet, ecid=83928411196,1] Repository Gateway: LWUser: PUBLIC, Cookie: oracle.uix=0^^GMT+10:00;
    portal=9.0.3+en-au+us+AUSTRALIA+22BC75924EEAD8A2E040007F010019F7+8DAC5E3559C95F5E0090A6F56FFA58192CB0F437CA57A9102A6394F1EB7FAB5DEE3BFA12C65
    91C0C009B6......
    06/11/21 16:49:31 portal: [module=RepositoryServlet, ecid=83928411196,1] ERROR: Repository Gateway error: Database Error: ORA=20001 ORA-20001:
    Unable to obtain session information from the cookie. Please close your browser and reconnect.
    ORA-06512: at "PORTAL.WPG_SESSION", line 149
    ORA-06512: at line 22
    Any help with this will be appreciated.
    Thanks.

    Hi Chris,
    The begin of the expection stack gives you the reason:
    06/11/03 09:13:59 java.sql.SQLException: The method 'setSavepoint' cant be called when a global transaction is active
    The reason is, that either the whole global transaction must be commited or rollbacked.
    I don't know your actual configuration, but between the methods begin() and commit()/rollback() of the UserTransaction instance, OC4J/OracleAS uses a global transaction (= XA transaction) in your configuration. The state of a global transactions is completely under the control of the application server and several restrictions must be considered. One of them is, that you can't use the method setSavePoint/. E.g. you can't also call the method setAutoCommit(true) in this state, or change the transaction isolation level via setTransactionIsolation(newLevel).
    This is NOT a limitation of the OC4J/OracleAS but is true for ALL application servers.
    P.S. I can successfully set savepoints and rollback to savepoints in weblogic 9.0This means, that WebLogic 9.0 doesn't use a global transaction in this case.
    Because I don't know your configurations (Oracle and WebLogic) I can't say, why the behave different in this situation.
    Best,
    Manfred

  • BI FPN using Reverse proxy

    Hi,
    We are integrating BI reports using FPN to main portal that is accesed using WebSeal. We have BI, Portal running on same box. There is a junction " /irj " defined in webseal for portal and another junction "/sapbi"for BI system. when we access the reports directly using portal url, we are able to see report and it works fine. When we access portal through webseal url then we are able to see the report but when we click on any button it comes up with exception.
    does anybody got any idea, why we are facing this issue with reverse proxy access.
    we are on BI7 and EP7.
    Regards
    Ravindra

    Hi,
    Which SP you are on?
    Consumer and producer portals must reside in the same domain.
    FIXED with SAP NetWeaver 7.0 SPS 09: This can be achieved using reverse proxies that support portals in multiple domains. A detailed document that describes how to implement a federated portal network whereby the producer and the consumer are not in the same domain, is available at https://www.sdn.sap.com/irj/sdn/howtoguides SAP NetWeaver 2004s, User Productivity Enablement, Running an Enterprise Portal.
    Reverse proxy is not supported: Despite being documented in the release notes as supported, usage of a reverse proxy in FPN scenario has not been validated. Reverse proxy as part of the FPN environment is not supported when using remote role assignment.
    FIXED with SAP NetWeaver 7.0 SPS 09: A configuration guide provides instructions on how to implement a federated portal network with reverse proxy as part of the environment (can be found at: https://www.sdn.sap.com/irj/sdn/howtoguides SAP NetWeaver 2004s, User Productivity Enablement, Running an Enterprise Portal, "How to Set up Federated Portal Network Scenarios with Reverse Proxies").
    Refer SAP Note: 880482 - Central Note: Federated Portal Network (SAP NetWeaver 7.0)
    Regards,
    Anagha

  • Why do we use reverse proxy for Oracle RAC Cluster setup

    Hello All,
                 I got this question lately.. "why do we use reverse proxy for Oracle RAC Cluster setup". I know we use the reverse proxy at Middleware level for multiple security reasons.
    Thanks..

    "why do we use reverse proxy for Oracle RAC Cluster setup".
    I wouldn't. I wouldn't use a proxy of any sort for the Cluster Interconnect for sure.
    Cheers,
    Brian

  • Reverse Proxy Configuration - Apache as an SSL reverse-proxy

    Hi,
    We have EP 6.0 SP 14 installed with SSL configured.
    We are in need to open the application to internet.
    For the same we have set up a reverse proxy server (Apache as SSL
    Reverse Proxy).
    Our requirement is to open the application to the internet with
    web address https://abc.domain.com.
    The issue is we are able to access the application from internet only when
    https://abc.domain.com/irj/potal is typed.
    (ie.) Mapping is working fine for
    https://abc.domain.com/irj/portal to
    our EP Portal address https://abc2.domain.com:50001/irj/portal
    And not working for mapping https://abc.domain.com to our EP Portal
    address https://abc2.domain.com:50001/irj/portal
    We have been working on to resolve this issue for days together but have been really unsuccessful
    Kindly help us in resolving the same asap.
    Note : The references we used are:
    1. SAP's document:
    "Apache Reverse Proxy Configuration for J2ee 6.20 and 6.40 Web Applications"
    2. Weblogs:
    The Reverse Proxy Series -- Part 1: Introduction
    The Reverse Proxy Series -- Part 3: Apache as a reverse-proxy
    The Reverse Proxy Series -- Part 3.1: Apache as an SSL reverse-proxy
    Regards,
    venkat.

    Thanks much for the feedback. We're using the default settings on the HTTP rule we have set up for the portal on the ISA server. We'll be looking into the details of what the default rule settings are, however we did find a note in the Microsoft Knowledge base detailing with the ISA server screening high bits in URL strings for Outlook Web Access (OWA). This generates a similar error message. Here is the link to the detailed note on the Microsoft web site:
    http://support.microsoft.com/?scid=kb;en-us;837865
    Also,we are going to be applying the SP1 upgrade to the ISA server (released in March) to see if this might be some type of issue that may have been identified and corrected by the service pack. We'll see what happens with that.
    One area where we can recreate the problem at will is when we set up the system landscape configuration. We can navigate to a system configuration object, however when we attempt to right click to edit the object we get the error. There are other circumstances where we get errors but that is one that occurs for sure. Anyone have any idea as to what might be special about that type of transaction??
    Thanks again.
    Rich

  • Reverse Proxy plug in and Load Balancer Plug in

    Hi,
    Can anyone please provide me with an example obj.conf file showing how to combine the reverse proxy plug-in and Load Balancer plug-in.
    I would like to use the reverse proxy plug in to detect when static content is requested and provide this from the web server. Requests for dynamic content would then be forwarded to an Application server via the Load balancer plug-in. I have found plenty of documentation on how to configure these plug-in separately but nothing on how to combine the two.

    smiking
    reverse proxy plugin - its job is to forward the requests to another server for a specific task. you can use the webserver 7 . it does forward and limited load balancing (using round robin ) based on the number of servers you provide in the configuration. i would say this is a poor man's setup.
    load balancer plugin - some app servers like sun java system app server or web logic provide this plugin so that you can effectively use the back end app server
    with both these setup, you can <if> constructs to determine which requests need to be forwarded to the back end server.
    I wonder, why do you need both - if both of them is designed to do the same thing.

  • Configure reverse proxy using Apache 2.2.15

    Dear Experts,
    I am in the process of configuring reverse proxy for my portal so that ppl outside the network can access my servers.
    We are on SUSE Linux 10 SP2, installed Apache 2.2.15 and started apache successfully.
    When i run command ps -ef | grep httpd, i get list of processes that are running.
    But when i open mozilla on the server where i installed apache and type http://myhost.domian.com:8080 it doesnt display any screen.
    I still assume that my apache is running. Please correct me on the above.
    Now i have configured my httpd.conf based on help.sap.com and various threads on sdn and it looks something like below
    ====================================================================================================
    ProxyPass /irj http://myhost.mydomian.com:50100/irj/
    ProxyPassReverse /irj http://myhost.mydomian.com:50100/irj/
    ProxyPreserveHost On
    #####################################r Reverse Proxy
    ProxyRequests off
    ProxyPreserveHost On
    <VirtualHost 172.XXX.XX.XX:80>
    #DocumentRoot Webserver doc root, eg "C:/.../htdocs"
    #ServerName <http:// Domain Name eg www.domainA.com >
    #ErrorLog logs/Domain.com-error_log
    #CustomLog logs/Domain.com-access_log common
    (Commented the above lines as i did not understand what i need them for.. please help on the above)
    RewriteEngine On
    RewriteLog logs/myhost_unsecured_rewrite.log
    RewriteLogLevel 9
    <Directory />
    Options None
    AllowOverride None
    </Directory>
    RewriteRule ^/(.*)$ http://myhost.mydomian.com:50100/$irj1/ NC,P
    ProxyPassReverse /irj http://myhost.mydomian.com:50100/
    </VirtualHost>
    With the above configuration will i be able to acheive my goal of using this server as my reverse proxy and also for redirecting the host name.
    Please help me on the above
    Thanks and regards
    Hunky

    If you search for "reverse proxy apache" you'll find quite lots of resources (blogs, articles) here on the SDN.
    You may start with
    FEATURED EVENTS
    Markus

  • Issues in ssl configuration with apache server (using reverse proxy)

    Hi,
    I am able to use apache server as a reverse proxy to connect to Portal. When I enter the web server url as https://mywebserver.com, I am able to connect to the http url of the Portal. But the moment I try to connect to the https url of Portal with this https url, I am not able to connect to the Portal. Thus I am not able to use apache as a proxy server for https connections it makes. What must I do. I read that mod_proxy_connect needs to be used, but how do I use this?
    The second problem is that I need to use more than one kind of mapping.
    For example I must be redirected to the Portal even if I use http://webserver.com , or even if I use https://webserver.com or even if I use http://webserver.com/irj or https://webserver.com/irj or http://ipaddress-websserver/irj etc

    I have SSLCertificateFile and
    and SSLCertificateKeyFile .
    My problem is with regard to ssl/CertificateChainFile?
    what is this? Also how do I upload my J2EE Certificate into apache.
    The problem is with Apache handshake is not happening.
    I am forwarding the entire log during . I have put what I consider important in bold.Please have a look.
    <b>----
    </b>
    Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1769): OpenSSL: Handshake: start
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: before/connect initialization
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv2/v3 write client hello A
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1512): OpenSSL: read 7/7 bytes from BIO#629160 [mem: 47855a8] (BIO dump follows)
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1459): ----
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0000: 16 03 01 04 1a 02                                ......           |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1488): | 0007 - <SPACES/NULS>
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1490): ----
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1512): OpenSSL: read 1048/1048 bytes from BIO#629160 [mem: 47855af] (BIO dump follows)
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1459): ----
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0000: 00 36 03 01 44 74 67 cb-38 b5 8e 42 3b 59 c3 6c  .6..Dtg.8..B;Y.l |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0010: 23 5c 07 d0 8b 24 89 89-11 2e 0d 80 ed 1a 06 ea  #
    ...$.......... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0020: 1d 10 b0 59 10 28 7c b4-02 cb d6 08 a8 e4 ea 5a  ...Y.(|........Z |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0030: e5 88 5c 5d 90 00 39 00-0b 00 01 cc 00 01 c9 00  ..
    ]..9......... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0040: 01 c6 30 82 01 c2 30 82-01 2b a0 03 02 01 02 02  ..0...0..+...... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0050: 04 36 0b 23 72 30 0d 06-09 2a 86 48 86 f7 0d 01  .6.#r0...*.H.... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0060: 01 04 05 00 30 14 31 12-30 10 06 03 55 04 03 13  ....0.1.0...U... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0070: 09 6c 6f 63 61 6c 68 6f-73 74 30 1e 17 0d 30 33  .localhost0...03 |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0080: 31 30 30 32 30 37 32 35-30 30 5a 17 0d 30 35 31  1002072500Z..051 |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0090: 30 30 32 30 37 32 35 30-30 5a 30 14 31 12 30 10  002072500Z0.1.0. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00a0: 06 03 55 04 03 13 09 6c-6f 63 61 6c 68 6f 73 74  ..U....localhost |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00b0: 30 81 9f 30 0d 06 09 2a-86 48 86 f7 0d 01 01 01  0..0...*.H...... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00c0: 05 00 03 81 8d 00 30 81-89 02 81 81 00 ef d6 ff  ......0......... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00d0: a6 39 e1 64 a5 d3 fb 16-de 4e ee 1d 81 84 31 bc  .9.d.....N....1. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00e0: e6 b7 96 07 3e 81 b9 94-d1 c1 e0 f9 00 3a 84 e8  ....>........:.. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00f0: 7a 30 11 cd 41 26 d6 6c-95 90 93 95 17 e0 1a b7  z0..A&.l........ |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0100: 00 0f 59 33 7d 1d f3 a0-83 17 c5 f3 7e b3 ad ed  ..Y3}.......~... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0110: c9 60 ac af 9e 31 d2 ec-42 71 f9 c3 98 2e 93 f9  .`...1..Bq...... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0120: 9d c3 c4 3d b3 7d 9b 97-83 1c 6b bd c0 75 cc 96  ...=.}....k..u.. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0130: dc b9 a0 1b 00 79 85 e4-19 1f 61 42 54 db 91 94  .....y....aBT... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0140: d8 1d 72 13 08 36 22 49-3b fb 05 dc 33 02 03 01  ..r..6"I;...3... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0150: 00 01 a3 21 30 1f 30 1d-06 03 55 1d 0e 04 16 04  ...!0.0...U..... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0160: 14 ed ed 02 af 94 13 59-1c 42 e6 69 40 e5 80 dd  .......Y.B.i@... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0170: a4 e9 33 91 02 30 0d 06-09 2a 86 48 86 f7 0d 01  ..3..0...*.H.... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0180: 01 04 05 00 03 81 81 00-2c 22 08 bd 71 b6 80 43  ........,"..q..C |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0190: 5a 2a 8b e8 62 34 b4 b4-84 8a 47 4b 97 5e bf dd  Z*..b4....GK.^.. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01a0: 17 4c 0a 1c b7 0e cd c5-d1 cc d8 77 cd 38 10 ef  .L.........w.8.. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01b0: 22 02 f0 02 7f a2 39 2b-53 eb 31 b6 18 49 37 a0  ".....9+S.1..I7. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01c0: 50 47 f2 34 ab 33 eb 5f-ec 5a f9 f7 53 5f 27 eb  PG.4.3._.Z..S_'. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01d0: 02 7f b4 28 3e e8 b1 c7-59 df 2c 93 25 c5 34 14  ...(>...Y.,.%.4. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01e0: 7a 34 7c 45 b4 eb 6b 34-93 26 98 51 37 d3 e6 b0  z4|E..k4.&.Q7... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01f0: 7f 83 e3 a9 04 d3 47 b3-3d de 43 57 27 45 82 c0  ......G.=.CW'E.. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0200: 4d 48 bf c0 a7 2f 66 0c-0c 00 02 08 00 80 af 76  MH.../f........v |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0210: 1f f5 f6 48 a0 01 0f ed-55 4c 53 9a 7c 07 7a ba  ...H....ULS.|.z. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0220: c7 9d 77 e8 8b c7 66 8f-80 03 18 c5 1f 4f 2a a0  ..w...f......O*. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0230: 08 6f 9f e3 13 94 30 56-e7 2f 96 7c 26 97 ba 12  .o....0V./.|&... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0240: aa fd 3e 43 e1 46 c2 d1-32 94 56 45 52 c0 24 6f  ..>C.F..2.VER.$o |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0250: 38 e0 93 0f 3a f8 0a 7c-41 0e 4c 54 4f 5a 7e d4  8...:..|A.LTOZ~. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0260: 62 e6 71 cd a0 dc 1e 9b-17 e5 10 71 3c 9d c6 39  b.q........q<..9 |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0270: 05 50 b6 15 37 0b 68 4f-24 50 74 47 13 1c 74 d8  .P..7.hO$PtG..t. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0280: 81 27 81 71 3a 4a c5 26-7d b8 e6 21 b3 d9 00 80  .'.q:J.&}..!.... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0290: 4f 6f 5d e6 2d dc 77 46-e6 77 b1 94 3d 65 5b b0  Oo].-.wF.w..=e[. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02a0: 3d 39 7a 6c a2 c7 0b e3-27 08 fa 48 8d 75 1a fe  =9zl....'..H.u.. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02b0: 32 e6 13 d1 31 65 7d d5-11 34 21 78 38 d1 11 fb  2...1e}..4!x8... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02c0: ea 59 8e 24 79 5a 4b c2-f7 98 22 51 9f a7 4d 2b  .Y.$yZK..."Q..M+ |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02d0: 15 98 fe d4 43 4b 34 25-b3 9b b3 ae 57 d1 ea 69  ....CK4%....W..i |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02e0: 6e 02 7e 61 d7 80 b6 73-6a 3e ac eb 69 38 67 8f  n.~a...sj>..i8g. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02f0: a9 2a dc 93 3d 22 f3 6e-6a 5d 51 1f b1 b1 10 5e  .*..=".nj]Q....^ |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0300: 82 28 48 0d 5a 78 f8 17-61 e0 c5 43 61 7a 42 6a  .(H.Zx..a..CazBj |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0310: 00 80 42 fa 7e 11 b2 77-3a 8c de f1 52 5a e1 18  ..B.~..w:...RZ.. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0320: d4 e7 8f ee 2c e0 06 ef-d5 37 87 62 07 14 d1 5a  ....,....7.b...Z |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0330: ca 30 be fd dd 76 47 8f-ed f4 5f f3 64 6c 32 a9  .0...vG..._.dl2. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0340: d5 07 e2 9b f1 29 a3 bf-33 4a ed 72 6b 2e c3 0f  .....)..3J.rk... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0350: 30 bd 13 a1 42 d8 f7 1d-58 8a 1c 53 d6 c3 c8 6e  0...B...X..S...n |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0360: 0e 51 e3 f5 a0 37 68 0d-04 c6 0e c4 4d cc ed 7c  .Q...7h.....M..| |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0370: ef 8f 81 b3 52 34 0c 60-eb f8 01 19 cc 95 31 55  ....R4.`......1U |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0380: 7d 16 bf 0c df b8 e0 3d-8f 7c 7a 4a 64 98 93 59  }......=.|zJd..Y |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0390: eb ae 00 80 ef cb bc 38-ab 16 0e a2 b2 2d fa 0f  .......8.....-.. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03a0: da 55 2d 67 a8 b8 34 1b-bf 39 d9 d6 da 65 f2 8f  .U-g..4..9...e.. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03b0: 6f a2 b1 1d db bb d5 dd-ab cf 9e 63 00 e4 57 a5  o..........c..W. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03c0: 18 4a dc 60 b0 97 5d 67-34 96 bf a2 43 2b 7d 70  .J.`..]g4...C+}p |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03d0: d6 99 d2 31 d2 11 f4 f2-19 b8 0c 41 7d bf b1 7c  ...1.......A}..| |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03e0: fb 31 cb 3e c2 0a e2 26-1a 7e 63 50 9b 62 c3 82  .1.>...&.~cP.b.. |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03f0: ca cd 36 82 0c 56 5f 26-f6 cc c6 6f 03 92 cc f5  ..6..V_&...o.... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0400: 6b 55 1a d6 92 f9 5b 59-18 c2 62 21 eb d8 a4 ea  kU....[Y..b!.... |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0410: fd b6 3e f7 0e                                   ..>..            |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1488): | 1048 - <SPACES/NULS>
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1490): ----
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 read server hello A
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1207): Certificate Verification: depth: 0, subject: /CN=localhost, issuer: /CN=localhost
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1207): Certificate Verification: depth: 0, subject: /CN=localhost, issuer: /CN=localhost
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1207): Certificate Verification: depth: 0, subject: /CN=localhost, issuer: /CN=localhost
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 read server certificate A
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 read server key exchange A
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 read server done A
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 write client key exchange A
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 write change cipher spec A
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 write finished A
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 flush data
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1512): OpenSSL: read 5/5 bytes from BIO#629160 [mem: 47855a8] (BIO dump follows)
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1459): ----
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0000: 15 03 01 00 02                                   .....            |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1490): ----
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1512): OpenSSL: read 2/2 bytes from BIO#629160 [mem: 47855ad] (BIO dump follows)
    Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1459): ----
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0000: 02 28                                            .(               |
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1490): ----
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1782): OpenSSL: Read: SSLv3 read finished A
    [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1801): OpenSSL: Exit: failed in SSLv3 read finished A
    [Wed May 24 07:03:54 2006] [info] SSL Proxy connect failed
    [Wed May 24 07:03:54 2006] [info] SSL Library Error: 336151568 error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
    [Wed May 24 07:03:54 2006] [info] Connection to child 249 closed with abortive shutdown(server apacheserver:443, client j2eeserver)
    [Wed May 24 07:03:54 2006] [error] (20014)Error string not specified yet: proxy: pass request body failed to j2eeserver:50001 (j2eeserver)
    [<b>Wed May 24 07:03:54 2006] [error] (20014)Error string not specified yet: proxy: pass request body failed to j2eeserver:50001 (j2eeserve) from apacheserver ()
    [Wed May 24 07:04:10 2006] [debug] ssl_engine_io.c(1523): OpenSSL: I/O error, 5 bytes expected to read on BIO#612610 [mem: 62ac80]
    [Wed May 24 07:04:10 2006] [info] (OS 10060)A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.  : SSL input filter read failed.
    [Wed May 24 07:04:10 2006] [debug] ssl_engine_kernel.c(1787): OpenSSL: Write: SSL negotiation finished successfully
    [Wed May 24 07:04:10 2006] [info] Connection to child 249 closed with standard shutdown(server apacheserver:443, client apacheserver)
    </b>

  • Reverse Proxy from Apache to portal to 2 different ITS Systems

    We're using Apache 2 webserver and we've enabled reverse proxy from our proxy server to our Enterprise Portal 7.0.  We have transaction iviews for different systems, an ECC 6.0 and CRM 5.0.  We are using the integrated ITS for these systems provided with basis version 7.0.  We have all the necessary ports open in the firewall.  I know how to configure the proxy when there's only one ITS server, but how would I do it for two (the ECC and CRM system)?

    We have integrated ITS.  I am not sure I understand where you are going with globalr.srvc file.  We have two systems that we want to hit from the portal via reverse proxy.  One is the ECC system and the other CRM 5.0.  In our portal we use the integrated ITS for each system:
    ECC sytem:
    http://ecc.system.com:8001/sap/bc/gui/its/sap/webgui
    CRM sytem:
    http://crm.system.com:8001/sap/bc/gui/its/sap/webgui
    The issue is how would I map to both ITS from the Apache reverse proxy

  • Problems with apex and anychart (using reverse proxy)

    Hi,
    Im using 2 Servers. The first with Apache2 and the /i/ directory and the second with a Oracle XE Database.
    The imagedirectory is at the first server.
    Heres my Apache Setup:
    <Location /apex>
    Options None
    Order allow,deny
    allow from all
    ProxyPass http://..(remote_ip)..:8080/apex
    ProxyPassReverse http://..(remote_ip)..:8080/apex
    </Location>
    Alias /i/ /var/i/
    <Directory "/var/i/">
    Options None
    AllowOverride None
    Order allow,deny
    Allow from all
    </Directory>
    if I open a page with a anychart chart I get this error:
    "Flash Security Error
    Anychart can not be launched due to Flash Security Settings violation.
    Please refer to Security error Article in Anychart Documentation..."
    http://www.anychart.com/products/anychart/docs/users-guide/index.html?security-error.html
    I think I have to place a crossdomain.xml
    Placing the crossdomain.xml in example.com/ root-directory doesn't work?
    thanks for any help

    Hi Christoph,
    Yes, the APEX Listener works with Oracle XE. The APEX Listener is currently an Early Adopters release, and is available for download from here: http://www.oracle.com/technology/products/database/application_express/html/apex_listener_download.html. I would recommend reviewing the accompanying Installation Guide before proceeding. There's an 'APEX Listener Feedback' thread - APEX Listener Feedback - which may also proof useful to you. There's also another related thread on this topic: Re: #HOST# Substituin incorrect for charts via Reverse Proxy which discusses the replacement of the #HOST# substitution string.
    Regards,
    Hilary

  • Using reverse proxy for load balancing

    Hello,
    i have succesfully configured a reverse proxy ( Sun Web Server 7 ) to balance load between two application servers ( Sun Application Server 9.1), however i do not want randon assignment of requests using a round robin algorithm ( default option in Sun Web Server 7) but rather i want to apply a 80/20 rule so that one application server will receive 80% of the requests and the other will receive 20%.
    Is there a way of performarming such a task.
    your help is really appreciated.
    thank you

    thank you for the reply,
    actually i tried it yesterday and it seems to work.
    in my reverse proxy settings i added one server two times and the other once and 66% of the requests were forwarded to the first server.
    now i have enabled the scenario that you are mentioning above and i so far requests seem to be proceced using the 80% 20% scenario.

  • Using reverse proxy and terminating ssl on them

    Hello
    I am trying to set up IAS 9.03 on 2 machines one holding the infrastructure and one holding the midtier.
    We want to terminate the ssl traffic on reverse proxys on apache. I am not very good at this so i am looking for a solution i read that you can do this in the whitepapers on the subject IAS.
    Much thanks for any answer.
    Boris

    1) So initially we had the following:
    <Object name="reverse-proxy-/">
    Route fn="set-origin-server" server="http://server-backend"
    </Object>
    ... and when getting a 401 from the back-end server it would seem that entering credentials in the dialog prompt does not work as is OOB; had it worked we would not have attempted anything further and hence this post would not exist... if we directly access the back-end server our credentials work so that is not the issue.
    2) I agree that the "set-basic-auth" directive should be removed - as it is clearly to supply a user id and password - what was provided was a far fetched attempt to get this to work and will clearly remove it as well as the "forward-proxy-agent" and "forward-proxy-auth"
    When you configure Web Server 7.0 as a reverse proxy, basic auth should work out of the box. If it doesn't, I recommend looking at the HTTP messages to figure out what's gone wrong. If you don't know how to do that and you have a support contract, Sun support should be able to help you.That is interesting - is this OOB feature documented anywhere?
    I'll turn up the log level on the RP and see what happens - if I turn it high enough should I be able to see the request headers being forwarded; I'll also try to look at the backend server logs. Is there anything else you suggest - i.e. should be trying to snoop the traffic....

  • Reverse Proxy using S1AS7 with libpassthrough.so

    My second tier is not functionning properly when placed behind a S1AS7 with reverse proxy
    Client ====== SunOne web server with Passthrough ====== .NET app server & web services.
    The web server configuration (reverse proxy � libpassthrough.so) is configured and is working correctly when it comes to requesting normal pages, however a problem arises when the request is made either by:
    1- Invoking a web service on the .Net tier, or
    2- The .Net tier performs a server.transfer call within the same .net server (Page transfer)
    Keep in mind that the .Net tier works fine when not accessed through the reverse proxy.
    We tried to isolate the problem from different angles but came up short, the http server log shows that the request was made
    192.168.2.7 - - [14/Jul/2004:14:10:56 +0300] "POST /wavedms2.0/TestWebService/TestService.asmx HTTP/1.1" 100 0
    Although response 100 indicates that it is waiting for more, while the web service error shows the following:
    The underlying connection was closed: An unexpected error occurred on a receive.
    at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
    at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
    at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
    at TestWebService.oWebService.MyWebSvc.HelloWorld()
    at TestWebService.Form1.button1_Click(Object sender, EventArgs e)
    I appreciate any help you can provide us with a solution on this issue.

    Thanks a million, yes it is exactly the same
    Do you know if this release is available for download / purchase????

  • Can i setup a secure reverse proxy using sun one web proxy server and windows 2000?

    I've tried this on IPlanet Proxy 3.6 and, after reading the documentation, realized that SSL is not supported on the Windows platform. So I'm asking if it is supported using Sun One Web Proxy Server

    Hi,
    Yes, What you say is right.
    "The NT and Windows 2000 versions of iPlanet Web Proxy Server 3.6 do not support SSL".
    Sun One Web Proxy Server is as same as iPlanet webproxy server.
    May be in future relase of proxy server SSL will be supported in Win2000.
    Regards,
    Dakshin.
    Developer Technical Support
    Sun Microsystems
    http://www.sun.com/developers/support.

  • OCS Reverse Proxy via Apache 2.0

    I'm trying to configure an OCS 10.1.2 (OCS 10g R2) one-box install behind an Apache2 reverse proxy. Has anyone been able to do this?
    I've configured a virtual host with ProxyPass and ProxyPassReverse directives, however, I'm not sure which component to reverse proxy, whether it is the SSO server, or the portal server.
    If anyone can point me in the right direction. That would be much appreciated.
    Regards,
    Alex

    Hello Alex,
    I did the same as you are trying to do and finally (after some help from oracle support) it works fine.
    Take a look at metalink Note:339761.1 "SETUP OCS 10g with SSL on a Single Box Install" - it helps you to set up your infra and apps tier correctly.
    The apache configuration is quite simple - beside the logfile and ssl stuff i've just created a virtual host with a ProxyPass and ProxyPassReverse directive pointing to the internal host:
    ProxyPass / https://host.internal-domain:4444/
    ProxyPassReverse / https://host.internal-domain:4444/
    I'm using OCS 10.1.2 and a self-compiled Apache 2.2.2.
    Regards,
    Christoph

Maybe you are looking for