How To configure Apache As Reverse Proxy for SharePoint Application
Hi,
I recently integrated Apache as ReverseProxy for SharePoint 2010. When accessing the SharePoint application via the reverse proxy url e.g. http://<reverse-proxy-url>/SitePages/Home.aspx the images/css and JavaScript files does not comeup
fine.
I had defined the following mapping in the httpd.conf file.
ProxyPass /SitePages http://<actual-url>/SitePages
<Location /SitePages>
ProxyPassReverse http://<actual-url>/SitePages
SetEnv force-nokeepalive 1
</Location>
Regards,
Bunty Ray
Hi Trevor,
I did not understand your point. Currently i tried the following in the httpd.conf as well, but still did not help
######Mapping SharePoint Server#######
ProxyPass /SitePages http://<actual-url>/SitePages
ProxyPass /WebResource.axd http://<actual-url>/WebResource.axd
ProxyPass /ScriptResource.axd http://<actual-url>/ScriptResource.axd
<Location /SitePages>
SetOutputFilter INFLATE;proxy-html;DEFLATE
ProxyHTMLMeta On
ProxyHTMLEnable On
ProxyHTMLExtended On
ProxyHTMLLogVerbose On
ProxyPassReverse http://<actual-url>/SitePages
ProxyHTMLURLMap /SitePages http://<actual-url>/SitePages ec
ProxyHTMLURLMap http://<actual-url>/SitePages /SitePages ec
SetEnv force-nokeepalive 1
SetEnv force-proxy-request-1.01
SetEnv proxy-initial-not-pooled 1
</Location>
<Location /ScriptResource.axd>
SetOutputFilter INFLATE;proxy-html;DEFLATE
ProxyHTMLMeta On
ProxyHTMLEnable On
ProxyHTMLExtended On
ProxyHTMLLogVerbose On
ProxyPassReverse http://<actual-url>/ScriptResource.axd
ProxyHTMLURLMap /ScriptResource.axd http://<actual-url>/ScriptResource.axd ec
ProxyHTMLURLMap http://<actual-url>/ScriptResource.axd /ScriptResource.axd ec
SetEnv force-proxy-request-1.01
SetEnv force-nokeepalive 1
SetEnv proxy-initial-not-pooled 1
</Location>
<Location /WebResource.axd>
SetOutputFilter INFLATE;proxy-html;DEFLATE
ProxyHTMLMeta On
ProxyHTMLEnable On
ProxyHTMLExtended On
ProxyHTMLLogVerbose On
ProxyPassReverse http://<actual-url>/WebResource.axd
ProxyHTMLURLMap /WebResource.axd http://<actual-url>/WebResource.axd ec
ProxyHTMLURLMap http://<actual-url>/WebResource.axd /WebResource.axd ec
SetEnv force-proxy-request-1.01
SetEnv force-nokeepalive 1
SetEnv proxy-initial-not-pooled 1
</Location>
<Location /_layouts>
SetOutputFilter INFLATE;proxy-html;DEFLATE
ProxyHTMLMeta On
ProxyHTMLEnable On
ProxyHTMLExtended On
ProxyHTMLLogVerbose On
ProxyPassReverse http://<actual-url>/_layouts
ProxyHTMLURLMap /_layouts/1033/styles/Themable http://<actual-url>/_layouts/1033/styles/Themable ec
ProxyHTMLURLMap http://<actual-url>/_layouts/1033/styles/Themable /_layouts/1033/styles/Themable ec
SetEnv force-proxy-request-1.01
SetEnv force-nokeepalive 1
SetEnv proxy-initial-not-pooled 1
</Location>
Regards,
Bunty Ray
Similar Messages
-
Reverse Proxy for SharePoint 2013
Hi,
I need to setup SharePoint 2013 environment which needs to be accessible from mobile devices e.g. iPAD/Android, for reverse proxy, I am looking at apache or IIS ARR since UAG is going to be deprecated. So far any one setup apache (on
RHEL 6.x)
or IIS ARR(on W2K8R2) successfully as reverse proxy for SharePoint 2013 access? Is there any issue? and which SharePoint authentication method should be configured?
Must is be Form based authentication? As I read some articles it seems ARR supports Windows authentication. Thanks in advance.IIS ARR doesn't authenticate users, it is a pass-through (unlike UAG which can do auth or anon). Both IIS AAR and the new Web Proxy Role in Server 2012 R2 do not work with SharePoint 2013 Apps.
Trevor Seward
Follow or contact me at...
  
This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs. -
Apache as Reverse Proxy for UWC and Webmail
Hi,
for several reasons i want to use apache 2 as reverse proxy and ssl accelerator for UWC.
internet <-> apache/ssl <-> backend port 80
I configured my apache with mod_proxy and mod_proxy_html.
Here are the concerning config lines:
LoadModule headers_module modules/mod_headers.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadFile /usr/lib/libxml2.so
LoadModule proxy_html_module modules/mod_proxy_html.so
ProxyPass / http://backend.domain.com/
ProxyPassReverse / http://backend.domain.com/
<Location />
ProxyPassReverse /
SetOutputFilter proxy-html
ProxyHTMLURLMap / /
ProxyHTMLURLMap http://backend.domain.com:80/ http://webplex.domain.com/
ProxyHTMLExtended On
RequestHeader unset Accept-Encoding
</Location>For Webmail this configuration works most of the time. There are some minor problems in ie with the folder view. But the real problem is: I can't get UWC to work. The problem seems to be that mod_proxy_html can't replace all of the occurences of backend.domain.com in the html pages.
Especially:
onsubmit="handleSubmit()" action="http://webplex.domain.com/amserver/UI/Login?goto=http://backend.domain.com:80/uwc/&gotoOnFail=http://backend.domain.com:80/uwc/?err=1&module=LDAP" method="POST">in the uwc login page.
So my question is:
Is anybody out there who got apache working as reverse proxy for uwc?
Thanks a lot.
PS1:Solaris 10 on V20z, JES2005Q4
PS2: I already configured UWC with the reverse plugin for sun webserver on backend host so that uwc is working through port 80 only. So there should be no problems arise from that.Hopefully, you'll hear from somebody. I have zero knowledge or experience with Apache.
-
How to configure ARR to Reverse Proxy to RD Gateway
We have an ARR server in the DMZ working fine providing reverse proxy for our internal Exchange Server 2013 environment and I've tried to create rules to allow access to the internal RD Gateway as well but when testing from an external client it never connects.
Does anyone have any configuration notes for how ARR should be configured to allow reverse proxy of RD Gateway?
Cheers for now
RussellHi,
I think you can refer this below article might get some insight from this case.
RD Gateway/RD Web Access & IIS Reverse Proxy/ARR
http://forums.iis.net/t/1210901.aspx?RD+Gateway+RD+Web+Access+IIS+Reverse+Proxy+ARR
Apart seem this as the configurations need to be done in IIS side, I would like to suggest you post the question in our IIS forum for further assistance.
http://forums.iis.net/
Hope it helps!
Thanks.
Dharmesh Solanki
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
How to set 3rd Party Reverse Proxy for smp 3.0 ?
Hi am new to SMP 3.0 . Please help me out .
hi am fallowing the steps in SyBooks Online for reverse proxy settings.
I added the below proxy settings in Apache2.2\conf\httpd.conf .
Listen 8080
<VirtualHost *:8080>
ServerName proxy-server
ErrorLog "C:/Apache2.2/logs/error.log"
TransferLog "C:/Apache2.2/logs/access.log"
<Location />
ProxyPass http://172.22.26.199:8080/
ProxyPassReverse http://172.22.26.199:8080/
</Location>
</VirtualHost>
After adding this proxy setting am unable to run apche server am getting error like "The requested operation has failed " . How to resolve this error ? -
Reverse proxy for web application
Hi,
The users of our a enterprise Java based web application must access a third web application through simple HTML links and then navigate in the target application.
But for security reasons and constraints the direct exchange between the browers of users and server of the other web application is not allowed.
Our web application must retrieve the web page from the other application and must return it to the users's browser. Is there a convenient way to implement this requirement in J2EE ? In this case our web application must play the role of a simple reverse proxy, must request a target JSP page from other application and process it to rewrite the URLs contained in the HTML page, then send the response to user's web browser.
Has somebedoy already done such a technical requirement ? Is there a library to implement easily this use case ?
Thansk a lot
RegardsJust use Apache HTTPD 2.4 with mod_proxy and mod_proxy_html. No need to do it 'within J2EE'.
-
How to configure Apache Plug-in CookieName for multiple session cookies?
I'm deploying an ear file with 2 web applications (.war files) in it and each .war
has its own CookieName defined in the weblogic.xml file. I need to set up the
Apache plugin for Weblogic to look at both of them and not just one. Can I simply
add both CookieName lines into my httpd.conf or will this not work?
Thanks,
-wrWe are facing exactly the same need.
If you tested it and got answers, we will be happy to hear from you.
Concerning alternatives, we thought of defining the CookiePath to the contextroot of each WebApp. In our case, the name (and so then the contextroot) of our WebApps is always changing (it includes the version number), so we would have to change the weblogic.xml at each build which we would like to avoid ...
Apparently the CookiePath can also be set to a "basis" for "begings with" test. See http://groups.google.fr/groups?q=weblogic.xml session-param CookiePath&hl=fr&lr=&ie=UTF-8&oe=UTF-8&selm=3e84a75a%[email protected]&rnum=1 so it could be less harmfull but anyway we do not put too much confidence into this kind of behaviour for future WLS sp/versions :(
Any help appreciated,
Philippe. -
Apache as reverse proxy - 400 Bad request
Hi all,
I'm configured apache as reverse proxy according to this blog:
The Reverse Proxy Series -- Part 3: Apache as a reverse-proxy
When I try to navigate http://testcomp/irj I get "400 - Bad request"
See exception;
<i>Message : User Guest, IP address
Cannot parse the http request. Http error response [400 Bad Request] will be returned. Request is [Host: sapportal:50000
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, /
Accept-Language: en,he;q=0.5
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322; FDM; .NET CLR 2.0.50727)
Max-Forwards: 10
Via: 1.1 localhost
X-Forwarded-For: 10.0.0.4
X-Forwarded-Host: 10.0.0.6
X-Forwarded-Server: localhost
Connection: Keep-Alive
GET /irj HTTP/1.1
Host: sapportal:50000
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, /
Accept-Language: en,he;q=0.5
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322; FDM; .NET CLR 2.0.50727)
Max-Forwards: 10
Via: 1.1 localhost
X-Forwarded-For: 10.0.0.4
X-Forwarded-Host: 10.0.0.6
X-Forwarded-Server: localhost
Connection: Keep-Alive
com.sap.engine.services.httpserver.exceptions.HttpIllegalArgumentException: Incompatible field content in the MIME header.
at com.sap.engine.services.httpserver.lib.headers.MimeHeaderField.parse(MimeHeaderField.java:364)
at com.sap.engine.services.httpserver.lib.headers.MimeHeaders.init(MimeHeaders.java:504)
at com.sap.engine.services.httpserver.server.RequestAnalizer.initialize(RequestAnalizer.java:196)
at com.sap.engine.services.httpserver.server.Client.initialize(Client.java:84)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:143)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
Severity : Error
Category :
Location : com.sap.engine.services.httpserver
Application :
Thread : SAPEngine_Application_Thread[impl:3]_32
Datasource : 9332850:C:usrsapPD9JC00j2eeclusterserver0logdefaultTrace.trc
Message ID : 000C29EFE9A300570000002D00000B9000043A81D3311894
Source Name : com.sap.engine.services.httpserver
Argument Objs :
Arguments :
Dsr Component :
Dsr Transaction : 5359e85066e411dcbf6b000c29efe9a3
Dsr User :
Indent : 0
Level : 0
Message Code :
Message Type : 0
Relatives :
Resource Bundlename :
Session : 2
Source : com.sap.engine.services.httpserver
ThreadObject : SAPEngine_Application_Thread[impl:3]_32
Transaction :
User : Guest</i>
The lines I added to http.conf
<i>#Enable reverse-proxying
ProxyVia on
ProxyTimeout 600
#disable forward-proxying
ProxyRequests Off
#proxy /irj both ways
ProxyPass /irj http://sapportal:50000/irj
ProxyPassReverse /irj http://testcomp/irj
#proxy /logon both ways
ProxyPass /logon http://sapportal:50000/logon
ProxyPassReverse /logon http://testcomp/logon</i>
I tried with apache version 2.2.3 & 2.0.59 with no success.
My J2EE/Portal version is 6.17.
Since this is a testing environment the two computers are under the same workgroup (no domain).
If I naviagte directly to the portal (without the reverse proxy) everything is working.
How can I solve it?
Regards,
OmriHi Jakub,
Thanks for the answer.
It's not working for me...
I'm attaching my httpd.conf file.
Also, what apache version do you use?
Can you send me your post your httpd.conf file?
Thanks,
Omri
httpd.conf
This is the main Apache HTTP server configuration file. It contains the
configuration directives that give the server its instructions.
See <URL:http://httpd.apache.org/docs/2.2/> for detailed information.
In particular, see
<URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
for a discussion of each configuration directive.
Do NOT simply read the instructions in here without understanding
what they do. They're here only as hints or reminders. If you are unsure
consult the online docs. You have been warned.
Configuration and logfile names: If the filenames you specify for many
of the server's control files begin with "/" (or "drive:/" for Win32), the
server will use that explicit path. If the filenames do not begin
with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
with ServerRoot set to "c:/apache" will be interpreted by the
server as "c:/apache/logs/foo.log".
NOTE: Where filenames are specified, you must use forward slashes
instead of backslashes (e.g., "c:/apache" instead of "c:\apache").
If a drive letter is omitted, the drive on which Apache.exe is located
will be used by default. It is recommended that you always supply
an explicit drive letter in absolute paths, however, to avoid
confusion.
ThreadsPerChild: constant number of worker threads in the server process
MaxRequestsPerChild: maximum number of requests a server process serves
ThreadsPerChild 250
MaxRequestsPerChild 0
ServerRoot: The top of the directory tree under which the server's
configuration, error, and log files are kept.
Do not add a slash at the end of the directory path. If you point
ServerRoot at a non-local disk, be sure to point the LockFile directive
at a local disk. If you wish to share the same ServerRoot for multiple
httpd daemons, you will need to change at least LockFile and PidFile.
ServerRoot "c:/apache"
Listen: Allows you to bind Apache to specific IP addresses and/or
ports, instead of the default. See also the <VirtualHost>
directive.
Change this to Listen on specific IP addresses as shown below to
prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#Listen 12.34.56.78:80
Listen 80
Dynamic Shared Object (DSO) Support
To be able to use the functionality of a module which was built as a DSO you
have to place corresponding `LoadModule' lines at this location so the
directives contained in it are actually available before they are used.
Statically compiled modules (those listed by `httpd -l') do not need
to be loaded here.
Example:
LoadModule foo_module modules/mod_foo.so
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule asis_module modules/mod_asis.so
LoadModule auth_basic_module modules/mod_auth_basic.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
#LoadModule authn_anon_module modules/mod_authn_anon.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule cgi_module modules/mod_cgi.so
#LoadModule dav_module modules/mod_dav.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
#LoadModule deflate_module modules/mod_deflate.so
LoadModule dir_module modules/mod_dir.so
LoadModule env_module modules/mod_env.so
#LoadModule expires_module modules/mod_expires.so
#LoadModule file_cache_module modules/mod_file_cache.so
#LoadModule headers_module modules/mod_headers.so
LoadModule imagemap_module modules/mod_imagemap.so
LoadModule include_module modules/mod_include.so
#LoadModule info_module modules/mod_info.so
LoadModule isapi_module modules/mod_isapi.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
#LoadModule mime_magic_module modules/mod_mime_magic.so
<b>LoadModule proxy_module modules/mod_proxy.so</b>
#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
<b>LoadModule proxy_http_module modules/mod_proxy_http.so</b>
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule negotiation_module modules/mod_negotiation.so
#LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule status_module modules/mod_status.so
#LoadModule unique_id_module modules/mod_unique_id.so
LoadModule userdir_module modules/mod_userdir.so
#LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule vhost_alias_module modules/mod_vhost_alias.so
#LoadModule ssl_module modules/mod_ssl.so
'Main' server configuration
The directives in this section set up the values used by the 'main'
server, which responds to any requests that aren't handled by a
<VirtualHost> definition. These values also provide defaults for
any <VirtualHost> containers you may define later in the file.
All of these directives may appear inside <VirtualHost> containers,
in which case these default settings will be overridden for the
virtual host being defined.
ServerAdmin: Your address, where problems with the server should be
e-mailed. This address appears on some server-generated pages, such
as error documents. e.g. [email protected]
ServerAdmin @@ServerAdmin@@
ServerName gives the name and port that the server uses to identify itself.
This can often be determined automatically, but we recommend you specify
it explicitly to prevent problems during startup.
If your host doesn't have a registered DNS name, enter its IP address here.
ServerName localhost:80
DocumentRoot: The directory out of which you will serve your
documents. By default, all requests are taken from this directory, but
symbolic links and aliases may be used to point to other locations.
DocumentRoot "c:/apache/htdocs"
Each directory to which Apache has access can be configured with respect
to which services and features are allowed and/or disabled in that
directory (and its subdirectories).
First, we configure the "default" to be a very restrictive set of
features.
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Satisfy all
</Directory>
Note that from this point forward you must specifically allow
particular features to be enabled - so if something's not working as
you might expect, make sure that you have specifically enabled it
below.
This should be changed to whatever you set DocumentRoot to.
<Directory "c:/apache/htdocs">
Possible values for the Options directive are "None", "All",
or any combination of:
Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
Note that "MultiViews" must be named explicitly --- "Options All"
doesn't give it to you.
The Options directive is both complicated and important. Please see
http://httpd.apache.org/docs/2.2/mod/core.html#options
for more information.
Options Indexes FollowSymLinks
AllowOverride controls what directives may be placed in .htaccess files.
It can be "All", "None", or any combination of the keywords:
Options FileInfo AuthConfig Limit
AllowOverride None
Controls who can get stuff from this server.
Order allow,deny
Allow from all
</Directory>
DirectoryIndex: sets the file that Apache will serve if a directory
is requested.
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
The following lines prevent .htaccess and .htpasswd files from being
viewed by Web clients.
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
</FilesMatch>
ErrorLog: The location of the error log file.
If you do not specify an ErrorLog directive within a <VirtualHost>
container, error messages relating to that virtual host will be
logged here. If you do define an error logfile for a <VirtualHost>
container, that host's errors will be logged there and not here.
ErrorLog logs/error.log
LogLevel: Control the number of messages logged to the error_log.
Possible values include: debug, info, notice, warn, error, crit,
alert, emerg.
LogLevel warn
<IfModule log_config_module>
The following directives define some format nicknames for use with
a CustomLog directive (see below).
LogFormat "%h %l %u %t \"%r\" %>s %b \"%You need to enable mod_logio.c to use %I and %Oi\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
The location and format of the access logfile (Common Logfile Format).
If you do not define any access logfiles within a <VirtualHost>
container, they will be logged here. Contrariwise, if you do
define per-<VirtualHost> access logfiles, transactions will be
logged therein and not in this file.
CustomLog logs/access.log common
If you prefer a logfile with access, agent, and referer information
(Combined Logfile Format) you can use the following directive.
#CustomLog logs/access.log combined
</IfModule>
<IfModule alias_module>
Redirect: Allows you to tell clients about documents that used to
exist in your server's namespace, but do not anymore. The client
will make a new request for the document at its new location.
Example:
Redirect permanent /foo http://www.example.com/bar
Alias: Maps web paths into filesystem paths and is used to
access content that does not live under the DocumentRoot.
Example:
Alias /webpath /full/filesystem/path
If you include a trailing / on /webpath then the server will
require it to be present in the URL. You will also likely
need to provide a <Directory> section to allow access to
the filesystem path.
ScriptAlias: This controls which directories contain server scripts.
ScriptAliases are essentially the same as Aliases, except that
documents in the target directory are treated as applications and
run by the server when requested rather than as documents sent to the
client. The same rules about trailing "/" apply to ScriptAlias
directives as to Alias.
ScriptAlias /cgi-bin/ "c:/apache/cgi-bin/"
</IfModule>
"c:/apache/cgi-bin" should be changed to whatever your ScriptAliased
CGI directory exists, if you have that configured.
<Directory "c:/apache/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
Apache parses all CGI scripts for the shebang line by default.
This comment line, the first line of the script, consists of the symbols
pound (#) and exclamation followed by the path of the program that
can execute this specific script. For a perl script, with perl.exe in
the C:\Program Files\Perl directory, the shebang line should be:
#!c:/program files/perl/perl
Note you mustnot_ indent the actual shebang line, and it must be the
first line of the file. Of course, CGI processing must be enabled by
the appropriate ScriptAlias or Options ExecCGI directives for the files
or directory in question.
However, Apache on Windows allows either the Unix behavior above, or can
use the Registry to match files by extention. The command to execute
a file of this type is retrieved from the registry by the same method as
the Windows Explorer would use to handle double-clicking on a file.
These script actions can be configured from the Windows Explorer View menu,
'Folder Options', and reviewing the 'File Types' tab. Clicking the Edit
button allows you to modify the Actions, of which Apache 1.3 attempts to
perform the 'Open' Action, and failing that it will try the shebang line.
This behavior is subject to change in Apache release 2.0.
Each mechanism has it's own specific security weaknesses, from the means
to run a program you didn't intend the website owner to invoke, and the
best method is a matter of great debate.
To enable the this Windows specific behavior (and therefore -disable- the
equivilant Unix behavior), uncomment the following directive:
#ScriptInterpreterSource registry
The directive above can be placed in individual <Directory> blocks or the
.htaccess file, with either the 'registry' (Windows behavior) or 'script'
(Unix behavior) option, and will override this server default option.
DefaultType: the default MIME type the server will use for a document
if it cannot otherwise determine one, such as from filename extensions.
If your server contains mostly text or HTML documents, "text/plain" is
a good value. If most of your content is binary, such as applications
or images, you may want to use "application/octet-stream" instead to
keep browsers from trying to display binary files as though they are
text.
DefaultType text/plain
<IfModule mime_module>
TypesConfig points to the file containing the list of mappings from
filename extension to MIME-type.
TypesConfig conf/mime.types
AddType allows you to add to or override the MIME configuration
file specified in TypesConfig for specific file types.
#AddType application/x-gzip .tgz
AddEncoding allows you to have certain browsers uncompress
information on the fly. Note: Not all browsers support this.
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz
If the AddEncoding directives above are commented-out, then you
probably should define those extensions to indicate media types:
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddHandler allows you to map certain file extensions to "handlers":
actions unrelated to filetype. These can be either built into the server
or added with the Action directive (see below)
To use CGI scripts outside of ScriptAliased directories:
(You will also need to add "ExecCGI" to the "Options" directive.)
#AddHandler cgi-script .cgi
For type maps (negotiated resources):
#AddHandler type-map var
Filters allow you to process content before it is sent to the client.
To parse .shtml files for server-side includes (SSI):
(You will also need to add "Includes" to the "Options" directive.)
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml
</IfModule>
The mod_mime_magic module allows the server to use various hints from the
contents of the file itself to determine its type. The MIMEMagicFile
directive tells the module where the hint definitions are located.
#MIMEMagicFile conf/magic
Customizable error responses come in three flavors:
1) plain text 2) local redirects 3) external redirects
Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
EnableMMAP and EnableSendfile: On systems that support it,
memory-mapping or the sendfile syscall is used to deliver
files. This usually improves server performance, but must
be turned off when serving from networked-mounted
filesystems or if support for these functions is otherwise
broken on your system.
#EnableMMAP off
#EnableSendfile off
Supplemental configuration
The configuration files in the conf/extra/ directory can be
included to add extra features or to modify the default configuration of
the server, or you may simply copy their contents here and change as
necessary.
Server-pool management (MPM specific)
#Include conf/extra/httpd-mpm.conf
Multi-language error messages
#Include conf/extra/httpd-multilang-errordoc.conf
Fancy directory listings
#Include conf/extra/httpd-autoindex.conf
Language settings
#Include conf/extra/httpd-languages.conf
User home directories
#Include conf/extra/httpd-userdir.conf
Real-time info on requests and configuration
#Include conf/extra/httpd-info.conf
Virtual hosts
#Include conf/extra/httpd-vhosts.conf
Local access to the Apache HTTP Server Manual
#Include conf/extra/httpd-manual.conf
Distributed authoring and versioning (WebDAV)
#Include conf/extra/httpd-dav.conf
Various default settings
#Include conf/extra/httpd-default.conf
Secure (SSL/TLS) connections
#Include conf/extra/httpd-ssl.conf
Note: The following must must be present to support
starting without SSL on platforms with no /dev/random equivalent
but a statically compiled-in mod_ssl.
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
<b>ProxyPreserveHost On
ProxyVia on
ProxyTimeout 600
#disable forward-proxying
ProxyRequests Off
#proxy /irj both ways
ProxyPass /irj http://sapportal:50000/irj
ProxyPassReverse /irj http://sapportal:50000/irj
#ProxyPassReverse /irj http://testcomp/irj
#proxy /logon both ways
ProxyPass /logon http://sapportal:50000/logon
ProxyPassReverse /logon http://sapportal:50000/logon
#ProxyPassReverse /logon http://testcomp/logon</b> -
How to configure apache for ssl in windows platform
hi all,
can anyone help me expalin how to configure apache for ssl in windows platform.George,
I would take the following 'first steps'
1)Install Apache20 on your Windows machine following the Apache online documentation
http://httpd.apache.org/docs-2.0/misc/tutorials.html
2)Make sure you can 'serve up' static HTML content from your Apache Server
3)Install Weblogic Server per our online documentation
http://edocs.bea.com/wls/docs61/install/index.html
4)Also, make sure you can 'serve up' both static and dynamic (e.g., JSP) content
directly from WLS server
5)Once you have both of the above 'sanity' checks attempt to configure a simple
proxy by ppath or mime type via our online documentation
http://edocs.bea.com/wls/docs61/adminguide/apache.html#103803
Chuck Nelson
DRE
BEA Technical Support -
Setting apache reverse proxy for EP6SP2
Hi friends,
I want to set apache reverse proxy for EP6SP2. But after doing the following changes, it is showing the SAP J2EE Engine documentation page.
The following changes has been dont to httpd.conf:
NameVirtualHost 1.1.1.1:80
<VirtualHost 1.1.1.1:80>
ProxyRequests Off
ServerName ep6.xyz.com
ProxyPreserveHost On
proxyPass / http://ep6.xyz.com:50000/
proxyPassReverse / http://ep6.xyz.com:50000/
ErrorLog logs/base.80.error.log
CustomLog logs/base.80.custom.log common
</VirtualHost>
Help needed.
Regards,
NilzHi,
I have a problem with my proxy:
ssl.conf.in like
ProxyPass /irj http://debmsu06.server.###.de:50300/irj
ProxyPassReverse /irj http://debmsu06.server.###.de:50300/irj
RewriteRule ^/$ /irj/portal [R]
If I use URL:
https://bebuyer.###.de/ goto https://bebuyer.###.de/irj/portal
but if I use
https://bebuyer.###.de/irj/
I get the info:
https://bebuyer.###.de/irj/HTTPS:/bebuyer.###.de:443/irj/index.html
What is happened? How I can redirect to /irj/portal?
Of course I can use
http://debmsu06.server.###.de:50300/irj/
Could you please give me some tips?
Best Thanks!
Heren Zhou -
Apache as a reverse proxy for E-recruiting
We are trying to use apache as a reverse procy for e-recruting. The call to the web proxy is being forwareded correctly but whereas if the page is opened directly on the e-recruiting box it opens a page with a bsp generated logon screen, when using the portal it generates a window dialog for logon and i the get the following message :
BSP Exception: Das Objekt sap/bc/bsp/sap/hrrcf_start_int/sap/bc/bsp/sap/hrrcf_start_int/application.do in der URL /sap/bc/bsp/sap/hrrcf_start_int/sap/bc/bsp/sap/hrrcf_start_int/sap/bc/bsp/sap/hrrcf_start_int/application.do?sap-client=100&sap-language=EN&BspClient=100&BspLanguage=EN&rcfSpId=0003&rcfContext=LMUGEN ist nicht gültig.
Has anyone done apache as a proxy for e-recruting who can share an example or offer any advice?
ThanksHi Richard,
you can take this link as a starting point: /people/sap.user72/blog/2006/04/18/the-reverse-proxy-series--part-32-apache-as-a-complex-reverse-proxy
In your case it seems to me that "/sap/bc/bsp/sap/hrrcf_start_int" gets concatenated 2 more times in your URL than it should.
That looks like a loop resp. an apache directive which gets executed too often.
regards, Norbert -
Reverse Proxy for OIF on iPlanet
hi,
I am trying to implement reverse proxy for OIF r3 Identity Provider on iPlanet.
I configured the obj.conf of iPlanet accordingly.
<Object name="passthrough1">
Service fn="service-passthrough" servers="http://backendIDP.com:80"
Error reason="Bad Gateway" fn="send-error" uri="C:/Sun/WebServer6.1/docs/badgateway.html"
</Object>
<Object Default>
NameTrans fn="assign-name" from="/fed/" name="passthrough1"
NameTrans fn="assign-name" from="/fed/*" name="passthrough2"
</Object>
when i tried the IDP initiated proxy url in a browser like (http://proxy.com/fed/idp/initiatesso?providerid=XXXXXXXX&returnurl=YYYY)
immediately its being forwaded to backend Identity Provider for authentication like(http://backendIDP.com/sso/jsp/salogin.jsp?doneURL=/user/loginsso&refID=id-ysJ-7-1PR9k-QI2bg9zZkPdyHPw-)
I was expecting that it is redirected to Proxy URL like (http://proxy.com/sso/jsp/salogin.jsp?doneURL=/user/loginsso&refID=id-ysJ-7-1PR9k-QI2bg9zZkPdyHPw-)
At the end it is giving me null pointer exception instead of return URL "YYYYY"
Does any one know how to fix the error.web or weblogic.xml files on your RPS needs to define for each case like if inbound port is 7011 then send it to PIA:7011 and http and the same for 7012 then send it to PIA:7012 and https. in the webprofile configuration for your RPS profile, set both https and http relative URLS. I believe you could start using this info and I am sure you could figure out the rest.
-
Question on Apache as reverse proxy
Hi, all.
We are currently using Apache 2.2.10 as the reverse proxy for the EP 7.3.1. All of the apps are webdynpro for Abap based in ECC.
In 2 of the WDA apps, we get intermittent blue circle of death. The user action can be totally random in the apps when they hit the problem. So far, we are not able to reproduce it. When the spinning circle happens, SM04 and SM50 in ECC show no activity from that user. There is nothing from SM21, ST05(abap and sql trace) or the dev_* trace files. I don't think SAP is running anything for that user when that happens. Ultimately, the user will get a "bad request" or HTTP 400 from the Apache server.
Here is what I see from the apache access log and error log:
[31/Jul/2014:23:50:26 -0400] TLSv1 AES128-SHA "POST /sap/bc/webdynpro/sap/ZR_SSEPP_OPERATIONAL_SCHEDULE;sap-ext-sid=VcFRQjFOvu8TJYp9gDoeAA--4x1GQAg0MPPjCUEQif5iWQ--?sap-contextid=SID%3aANON%3asapprd_PR3_03%3aezUnW-FXtaYVyXREaAD7rxW0k8o5pk_n9RfjPfcB-NEW HTTP/1.1" 400 3004 "https://xxxxx/sap/bc/webdynpro/sap/ZR_SSEPP_OPERATIONAL_SCHEDULE;sap-ext-sid=VcFRQjFOvu8TJYp9gDoeAA--4x1GQAg0MPPjCUEQif5iWQ--" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)" 706345611
[Fri Aug 01 14:19:07 2014] [error] [client 10.4.53.198] (70014)End of file found: proxy: error reading status line from remote server xxxxxx, referer: https://xxxxx/sap/bc/webdynpro/sap/ZR_SSEPP_OPERATIONAL_SCHEDULE;sap-ext-sid=RaH2yjQlV6o7wVaj6wv6zA--LXTMFzjjKvcuwT*DXWoBmA--
Have you seen this error before? If you are using apache as the reverse proxy, would you mind to share the parameters you have?
Thanks,
Jonathan.Hi, Lawrence.
The reason I am posting is because we couldn't isolate the source of the problem. I know that the Apache server is 7 years old. But the apache team is only thinking of updating it to 2.2.27 until later this year, nevermind the version 2.4. Chances are there will be delays as the apache is shared by a lot of other non-sap apps.
Would you be able to share your troubleshooting experience? How do you pinpoint that this is an Apache issue? Right now the Apache team is saying that this is an SAP issue. But since we cannot reproduce the problem and we are not allowed to take Apache out temporarily or selectively(as per Corporate policy), everything is possible.
Thanks,
Jonathan. -
How to configure apache to avoid risks while hosting your domain
Hi all
I am trying to host my personal site on my machine, and after configuring the personal web i am able to see the apache page when i go to my ip address (the real one, not the one from my router).
Now, i have little experience with apache on pc, and i remember that there was a bunch of files to set up authentication, users allowed to log in into your site, restrictions to avoid that some guy will sneak on the machine and get out of the web folder....etc.
Can someone please point me to the right info about how to configure apache on Leopard to avoid unwanted risks while simply hosting a site and a wiki?
Thanks!Leopard client only has a User Interface to turn web sharing on or off. If you want to modify apache you have to do via the command line in the terminal client.
Out of the box Leopard is configured so that only your sites folder is accessible. and the systemwide webfolder located at /Library/WebServer/Documents
so if you want your sites folder to be accessible and not the main webserver folder can rename that folder to Documents.bak for example. -
How to configure Apache Virtual Hosts?
Hi, I was wondering, how does configure Apache virtual hosts for Mac OS X Client 10.4.5? At this time, I have added
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot /Library/WebServer/Documents/janus
ServerName janus.php.test
ErrorLog /private/var/log/httpd/janus.php.com-error_log
CustomLog /private/var/log/httpd/janus.php.com-access_log common
</VirtualHost>
Finally, when I try to use the name in the browser, I get the following error message:
Safari can’t find the server.
Safari can’t open the page “http://janus.php.test/” because it can’t find the server “janus.php.test”.
Well, I must go and thanks in advance.
Peace,
-ConradIf you want to use the fqdn you defined and can/do not want to register it as a Internet Domain you can add it to the hosts file in /etc/hosts if you are comfortable using terminal and the shell
open a terminal
and use the following commands
cd /etc
sudo vim hosts
(you will be prompted for your password here, enter it and hit return)
in vim scroll to the last line which will look like
::1 localhost
type
i
(you are now in insert mode)
type the following line
192.168.0.15 janus.php.test
(replace the ip address with the ip address of the host in question)
hit Control-C
type
:w (vim will confirm in the last line)
type
:q
you are back at the terminal
test your new hosts file by typing
ping janus.php.test
Hope this helps
Mike
Maybe you are looking for
-
ITunes 7.0.2 wiped everything, won't sync w/iPod
I just updated to iTunes 7.0.2 and when I started up for the 1st time there were no songs or playlists to be found. It was like I had started from scratch. I managed to find my music files and "Add to Library", but now iTunes won't sync to my iPod. T
-
Multiple Qs- Boot camp, Force running a CD, VM Fusion
I will first apologize for what is going to be a fairly long post but would be grateful if you experts out there could help me out. 1. I just got a MAC after just getting using a PC after I was persuaded it would be an easier system to grapple with.
-
I have already tried to do a back up on my second generation iPod, but for some reason it wouldn't sync to my new iPod because it wasn't compatible. I literally want to take everything from my old iPod (the contacts, photos, notes, everything) and p
-
Rss:PubDate gives too much info to iWeb Blog RSS feed
Hi All! Blog pages are setup in iWeb, and I've got an external "bot" that subscribes to the RSS feed from the blog. I'm grabbing the feed and stripping the {rss:pubDate}, {rss:title} and {rss:description} fields from the feed to re-format for posting
-
Strange Business rule behaviour in EAS
Hi, We are testing some changes to the caches for a planning app. As part of this a number of business rules are be run concurrently to simulate what happens in production. The business rules, with a large data set, are started from EAS, as they are