How To configure Apache As Reverse Proxy for SharePoint Application

Similar Messages

• Reverse Proxy for SharePoint 2013

  Hi,
  I need to setup SharePoint 2013 environment which needs to be accessible from mobile devices e.g. iPAD/Android, for reverse proxy, I am looking at apache or IIS ARR since UAG is going to be deprecated. So far any one setup apache (on
  RHEL 6.x)
  or IIS ARR(on W2K8R2) successfully as reverse proxy for SharePoint 2013 access? Is there any issue? and which SharePoint authentication method should be configured?
  Must is be Form based authentication? As I read some articles it seems ARR supports Windows authentication. Thanks in advance.

  IIS ARR doesn't authenticate users, it is a pass-through (unlike UAG which can do auth or anon). Both IIS AAR and the new Web Proxy Role in Server 2012 R2 do not work with SharePoint 2013 Apps.
  Trevor Seward
  Follow or contact me at...
  &nbsp&nbsp
  This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• Apache as Reverse Proxy for UWC and Webmail

  Hi,
  for several reasons i want to use apache 2 as reverse proxy and ssl accelerator for UWC.
  internet <-> apache/ssl <-> backend port 80
  I configured my apache with mod_proxy and mod_proxy_html.
  Here are the concerning config lines:
  LoadModule headers_module modules/mod_headers.so
  LoadModule proxy_module modules/mod_proxy.so
  LoadModule proxy_connect_module modules/mod_proxy_connect.so
  LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
  LoadModule proxy_http_module modules/mod_proxy_http.so
  LoadFile    /usr/lib/libxml2.so
  LoadModule  proxy_html_module    modules/mod_proxy_html.so
  ProxyPass / http://backend.domain.com/
  ProxyPassReverse / http://backend.domain.com/
  <Location />
          ProxyPassReverse /
          SetOutputFilter proxy-html
          ProxyHTMLURLMap / /
          ProxyHTMLURLMap http://backend.domain.com:80/ http://webplex.domain.com/
          ProxyHTMLExtended On
          RequestHeader unset Accept-Encoding
  </Location>For Webmail this configuration works most of the time. There are some minor problems in ie with the folder view. But the real problem is: I can't get UWC to work. The problem seems to be that mod_proxy_html can't replace all of the occurences of backend.domain.com in the html pages.
  Especially:
  onsubmit="handleSubmit()" action="http://webplex.domain.com/amserver/UI/Login?goto=http://backend.domain.com:80/uwc/&gotoOnFail=http://backend.domain.com:80/uwc/?err=1&module=LDAP" method="POST">in the uwc login page.
  So my question is:
  Is anybody out there who got apache working as reverse proxy for uwc?
  Thanks a lot.
  PS1:Solaris 10 on V20z, JES2005Q4
  PS2: I already configured UWC with the reverse plugin for sun webserver on backend host so that uwc is working through port 80 only. So there should be no problems arise from that.

  Hopefully, you'll hear from somebody. I have zero knowledge or experience with Apache.

• How to configure ARR to Reverse Proxy to RD Gateway

  We have an ARR server in the DMZ working fine providing reverse proxy for our internal Exchange Server 2013 environment and I've tried to create rules to allow access to the internal RD Gateway as well but when testing from an external client it never connects.
  Does anyone have any configuration notes for how ARR should be configured to allow reverse proxy of RD Gateway?
  Cheers for now
  Russell

  Hi,
  I think you can refer this below article might get some insight from this case.
  RD Gateway/RD Web Access & IIS Reverse Proxy/ARR
  http://forums.iis.net/t/1210901.aspx?RD+Gateway+RD+Web+Access+IIS+Reverse+Proxy+ARR
  Apart seem this as the configurations need to be done in IIS side, I would like to suggest you post the question in our IIS forum for further assistance.
  http://forums.iis.net/
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• How to set 3rd Party Reverse Proxy for smp 3.0 ?

  Hi am new to SMP 3.0 . Please help me out .

  hi am fallowing the steps in SyBooks Online for reverse proxy settings.
  I added the below proxy settings in Apache2.2\conf\httpd.conf .
  Listen 8080
    <VirtualHost *:8080>
          ServerName proxy-server   
            ErrorLog "C:/Apache2.2/logs/error.log"
            TransferLog "C:/Apache2.2/logs/access.log"
               <Location />
                ProxyPass http://172.22.26.199:8080/
                ProxyPassReverse http://172.22.26.199:8080/
    </Location>
      </VirtualHost>  
  After adding this proxy setting am unable to run apche server am getting error like "The requested operation has failed  " . How to resolve this error ?

• Reverse proxy for web application

  Hi,
  The users of our a enterprise Java based web application must access a third web application through simple HTML links and then navigate in the target application.
  But for security reasons and constraints the direct exchange between the browers of users and server of the other web application is not allowed.
  Our web application must retrieve the web page from the other application and must return it to the users's browser. Is there a convenient way to implement this requirement in J2EE ? In this case our web application must play the role of a simple reverse proxy, must request a target JSP page from other application and process it to rewrite the URLs contained in the HTML page, then send the response to user's web browser.
  Has somebedoy already done such a technical requirement ? Is there a library to implement easily this use case ?
  Thansk a lot
  Regards

  Just use Apache HTTPD 2.4 with mod_proxy and mod_proxy_html. No need to do it 'within J2EE'.

• How to configure Apache Plug-in CookieName for multiple session cookies?

  I'm deploying an ear file with 2 web applications (.war files) in it and each .war
  has its own CookieName defined in the weblogic.xml file. I need to set up the
  Apache plugin for Weblogic to look at both of them and not just one. Can I simply
  add both CookieName lines into my httpd.conf or will this not work?
  Thanks,
  -wr

  We are facing exactly the same need.
  If you tested it and got answers, we will be happy to hear from you.
  Concerning alternatives, we thought of defining the CookiePath to the contextroot of each WebApp. In our case, the name (and so then the contextroot) of our WebApps is always changing (it includes the version number), so we would have to change the weblogic.xml at each build which we would like to avoid ...
  Apparently the CookiePath can also be set to a "basis" for "begings with" test. See http://groups.google.fr/groups?q=weblogic.xml session-param CookiePath&hl=fr&lr=&ie=UTF-8&oe=UTF-8&selm=3e84a75a%[email protected]&rnum=1 so it could be less harmfull but anyway we do not put too much confidence into this kind of behaviour for future WLS sp/versions :(
  Any help appreciated,
  Philippe.

• Apache as reverse proxy - 400 Bad request

  Hi all,
  I'm configured apache as reverse proxy according to this blog:
  The Reverse Proxy Series -- Part 3: Apache as a reverse-proxy
  When I try to navigate http://testcomp/irj I get "400 - Bad request"
  See exception;
  <i>Message : User Guest, IP address
  Cannot parse the http request. Http error response [400 Bad Request] will be returned. Request is [Host: sapportal:50000
  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, /
  Accept-Language: en,he;q=0.5
  Accept-Encoding: gzip, deflate
  User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322; FDM; .NET CLR 2.0.50727)
  Max-Forwards: 10
  Via: 1.1 localhost
  X-Forwarded-For: 10.0.0.4
  X-Forwarded-Host: 10.0.0.6
  X-Forwarded-Server: localhost
  Connection: Keep-Alive
  GET /irj HTTP/1.1
  Host: sapportal:50000
  Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, /
  Accept-Language: en,he;q=0.5
  Accept-Encoding: gzip, deflate
  User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322; FDM; .NET CLR 2.0.50727)
  Max-Forwards: 10
  Via: 1.1 localhost
  X-Forwarded-For: 10.0.0.4
  X-Forwarded-Host: 10.0.0.6
  X-Forwarded-Server: localhost
  Connection: Keep-Alive
  com.sap.engine.services.httpserver.exceptions.HttpIllegalArgumentException: Incompatible field content in the MIME header.
       at com.sap.engine.services.httpserver.lib.headers.MimeHeaderField.parse(MimeHeaderField.java:364)
       at com.sap.engine.services.httpserver.lib.headers.MimeHeaders.init(MimeHeaders.java:504)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.initialize(RequestAnalizer.java:196)
       at com.sap.engine.services.httpserver.server.Client.initialize(Client.java:84)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:143)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
  Severity : Error
  Category :
  Location : com.sap.engine.services.httpserver
  Application :
  Thread : SAPEngine_Application_Thread[impl:3]_32
  Datasource : 9332850:C:usrsapPD9JC00j2eeclusterserver0logdefaultTrace.trc
  Message ID : 000C29EFE9A300570000002D00000B9000043A81D3311894
  Source Name : com.sap.engine.services.httpserver
  Argument Objs :
  Arguments :
  Dsr Component :
  Dsr Transaction : 5359e85066e411dcbf6b000c29efe9a3
  Dsr User :
  Indent : 0
  Level : 0
  Message Code :
  Message Type : 0
  Relatives :
  Resource Bundlename :
  Session : 2
  Source : com.sap.engine.services.httpserver
  ThreadObject : SAPEngine_Application_Thread[impl:3]_32
  Transaction :
  User : Guest</i>
  The lines I added to http.conf
  <i>#Enable reverse-proxying
  ProxyVia on
  ProxyTimeout 600
  #disable forward-proxying
  ProxyRequests Off
  #proxy /irj both ways
  ProxyPass /irj http://sapportal:50000/irj
  ProxyPassReverse /irj http://testcomp/irj
  #proxy /logon both ways
  ProxyPass /logon http://sapportal:50000/logon
  ProxyPassReverse /logon http://testcomp/logon</i>
  I tried with apache version 2.2.3 & 2.0.59 with no success.
  My J2EE/Portal version is 6.17.
  Since this is a testing environment the two computers are under the same workgroup (no domain).
  If I naviagte directly to the portal (without the reverse proxy) everything is working.
  How can I solve it?
  Regards,
  Omri

  Hi Jakub,
  Thanks for the answer.
  It's not working for me...
  I'm attaching my httpd.conf file.
  Also, what apache version do you use?
  Can you send me your post your httpd.conf file?
  Thanks,
  Omri
  httpd.conf
  This is the main Apache HTTP server configuration file.  It contains the
  configuration directives that give the server its instructions.
  See <URL:http://httpd.apache.org/docs/2.2/> for detailed information.
  In particular, see
  <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
  for a discussion of each configuration directive.
  Do NOT simply read the instructions in here without understanding
  what they do.  They're here only as hints or reminders.  If you are unsure
  consult the online docs. You have been warned. 
  Configuration and logfile names: If the filenames you specify for many
  of the server's control files begin with "/" (or "drive:/" for Win32), the
  server will use that explicit path.  If the filenames do not begin
  with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
  with ServerRoot set to "c:/apache" will be interpreted by the
  server as "c:/apache/logs/foo.log".
  NOTE: Where filenames are specified, you must use forward slashes
  instead of backslashes (e.g., "c:/apache" instead of "c:\apache").
  If a drive letter is omitted, the drive on which Apache.exe is located
  will be used by default.  It is recommended that you always supply
  an explicit drive letter in absolute paths, however, to avoid
  confusion.
  ThreadsPerChild: constant number of worker threads in the server process
  MaxRequestsPerChild: maximum  number of requests a server process serves
  ThreadsPerChild 250
  MaxRequestsPerChild  0
  ServerRoot: The top of the directory tree under which the server's
  configuration, error, and log files are kept.
  Do not add a slash at the end of the directory path.  If you point
  ServerRoot at a non-local disk, be sure to point the LockFile directive
  at a local disk.  If you wish to share the same ServerRoot for multiple
  httpd daemons, you will need to change at least LockFile and PidFile.
  ServerRoot "c:/apache"
  Listen: Allows you to bind Apache to specific IP addresses and/or
  ports, instead of the default. See also the <VirtualHost>
  directive.
  Change this to Listen on specific IP addresses as shown below to
  prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
  #Listen 12.34.56.78:80
  Listen 80
  Dynamic Shared Object (DSO) Support
  To be able to use the functionality of a module which was built as a DSO you
  have to place corresponding `LoadModule' lines at this location so the
  directives contained in it are actually available before they are used.
  Statically compiled modules (those listed by `httpd -l') do not need
  to be loaded here.
  Example:
  LoadModule foo_module modules/mod_foo.so
  LoadModule actions_module modules/mod_actions.so
  LoadModule alias_module modules/mod_alias.so
  LoadModule asis_module modules/mod_asis.so
  LoadModule auth_basic_module modules/mod_auth_basic.so
  #LoadModule auth_digest_module modules/mod_auth_digest.so
  #LoadModule authn_anon_module modules/mod_authn_anon.so
  #LoadModule authn_dbm_module modules/mod_authn_dbm.so
  LoadModule authn_default_module modules/mod_authn_default.so
  LoadModule authn_file_module modules/mod_authn_file.so
  #LoadModule authz_dbm_module modules/mod_authz_dbm.so
  LoadModule authz_default_module modules/mod_authz_default.so
  LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
  LoadModule authz_host_module modules/mod_authz_host.so
  LoadModule authz_user_module modules/mod_authz_user.so
  LoadModule autoindex_module modules/mod_autoindex.so
  #LoadModule cern_meta_module modules/mod_cern_meta.so
  LoadModule cgi_module modules/mod_cgi.so
  #LoadModule dav_module modules/mod_dav.so
  #LoadModule dav_fs_module modules/mod_dav_fs.so
  #LoadModule deflate_module modules/mod_deflate.so
  LoadModule dir_module modules/mod_dir.so
  LoadModule env_module modules/mod_env.so
  #LoadModule expires_module modules/mod_expires.so
  #LoadModule file_cache_module modules/mod_file_cache.so
  #LoadModule headers_module modules/mod_headers.so
  LoadModule imagemap_module modules/mod_imagemap.so
  LoadModule include_module modules/mod_include.so
  #LoadModule info_module modules/mod_info.so
  LoadModule isapi_module modules/mod_isapi.so
  LoadModule log_config_module modules/mod_log_config.so
  LoadModule mime_module modules/mod_mime.so
  #LoadModule mime_magic_module modules/mod_mime_magic.so
  <b>LoadModule proxy_module modules/mod_proxy.so</b>
  #LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
  #LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
  #LoadModule proxy_connect_module modules/mod_proxy_connect.so
  <b>LoadModule proxy_http_module modules/mod_proxy_http.so</b>
  #LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
  LoadModule negotiation_module modules/mod_negotiation.so
  #LoadModule rewrite_module modules/mod_rewrite.so
  LoadModule setenvif_module modules/mod_setenvif.so
  #LoadModule speling_module modules/mod_speling.so
  #LoadModule status_module modules/mod_status.so
  #LoadModule unique_id_module modules/mod_unique_id.so
  LoadModule userdir_module modules/mod_userdir.so
  #LoadModule usertrack_module modules/mod_usertrack.so
  #LoadModule vhost_alias_module modules/mod_vhost_alias.so
  #LoadModule ssl_module modules/mod_ssl.so
  'Main' server configuration
  The directives in this section set up the values used by the 'main'
  server, which responds to any requests that aren't handled by a
  <VirtualHost> definition.  These values also provide defaults for
  any <VirtualHost> containers you may define later in the file.
  All of these directives may appear inside <VirtualHost> containers,
  in which case these default settings will be overridden for the
  virtual host being defined.
  ServerAdmin: Your address, where problems with the server should be
  e-mailed.  This address appears on some server-generated pages, such
  as error documents.  e.g. [email protected]
  ServerAdmin @@ServerAdmin@@
  ServerName gives the name and port that the server uses to identify itself.
  This can often be determined automatically, but we recommend you specify
  it explicitly to prevent problems during startup.
  If your host doesn't have a registered DNS name, enter its IP address here.
  ServerName localhost:80
  DocumentRoot: The directory out of which you will serve your
  documents. By default, all requests are taken from this directory, but
  symbolic links and aliases may be used to point to other locations.
  DocumentRoot "c:/apache/htdocs"
  Each directory to which Apache has access can be configured with respect
  to which services and features are allowed and/or disabled in that
  directory (and its subdirectories).
  First, we configure the "default" to be a very restrictive set of
  features. 
  <Directory />
      Options FollowSymLinks
      AllowOverride None
      Order deny,allow
      Deny from all
      Satisfy all
  </Directory>
  Note that from this point forward you must specifically allow
  particular features to be enabled - so if something's not working as
  you might expect, make sure that you have specifically enabled it
  below.
  This should be changed to whatever you set DocumentRoot to.
  <Directory "c:/apache/htdocs">
  Possible values for the Options directive are "None", "All",
  or any combination of:
    Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
  Note that "MultiViews" must be named explicitly --- "Options All"
  doesn't give it to you.
  The Options directive is both complicated and important.  Please see
  http://httpd.apache.org/docs/2.2/mod/core.html#options
  for more information.
      Options Indexes FollowSymLinks
  AllowOverride controls what directives may be placed in .htaccess files.
  It can be "All", "None", or any combination of the keywords:
    Options FileInfo AuthConfig Limit
      AllowOverride None
  Controls who can get stuff from this server.
      Order allow,deny
      Allow from all
  </Directory>
  DirectoryIndex: sets the file that Apache will serve if a directory
  is requested.
  <IfModule dir_module>
      DirectoryIndex index.html
  </IfModule>
  The following lines prevent .htaccess and .htpasswd files from being
  viewed by Web clients.
  <FilesMatch "^\.ht">
      Order allow,deny
      Deny from all
  </FilesMatch>
  ErrorLog: The location of the error log file.
  If you do not specify an ErrorLog directive within a <VirtualHost>
  container, error messages relating to that virtual host will be
  logged here.  If you do define an error logfile for a <VirtualHost>
  container, that host's errors will be logged there and not here.
  ErrorLog logs/error.log
  LogLevel: Control the number of messages logged to the error_log.
  Possible values include: debug, info, notice, warn, error, crit,
  alert, emerg.
  LogLevel warn
  <IfModule log_config_module>
  The following directives define some format nicknames for use with
  a CustomLog directive (see below).
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%You need to enable mod_logio.c to use %I and %Oi\" \"%{User-Agent}i\"" combined
      LogFormat "%h %l %u %t \"%r\" %>s %b" common
      <IfModule logio_module>
        LogFormat "%h %l %u %t \"%r\" %>s %b \"%i\" \"%{User-Agent}i\" %I %O" combinedio
      </IfModule>
  The location and format of the access logfile (Common Logfile Format).
  If you do not define any access logfiles within a <VirtualHost>
  container, they will be logged here.  Contrariwise, if you do
  define per-<VirtualHost> access logfiles, transactions will be
  logged therein and not in this file.
      CustomLog logs/access.log common
  If you prefer a logfile with access, agent, and referer information
  (Combined Logfile Format) you can use the following directive.
      #CustomLog logs/access.log combined
  </IfModule>
  <IfModule alias_module>
  Redirect: Allows you to tell clients about documents that used to
  exist in your server's namespace, but do not anymore. The client
  will make a new request for the document at its new location.
  Example:
  Redirect permanent /foo http://www.example.com/bar
  Alias: Maps web paths into filesystem paths and is used to
  access content that does not live under the DocumentRoot.
  Example:
  Alias /webpath /full/filesystem/path
  If you include a trailing / on /webpath then the server will
  require it to be present in the URL.  You will also likely
  need to provide a <Directory> section to allow access to
  the filesystem path.
  ScriptAlias: This controls which directories contain server scripts.
  ScriptAliases are essentially the same as Aliases, except that
  documents in the target directory are treated as applications and
  run by the server when requested rather than as documents sent to the
  client.  The same rules about trailing "/" apply to ScriptAlias
  directives as to Alias.
      ScriptAlias /cgi-bin/ "c:/apache/cgi-bin/"
  </IfModule>
  "c:/apache/cgi-bin" should be changed to whatever your ScriptAliased
  CGI directory exists, if you have that configured.
  <Directory "c:/apache/cgi-bin">
      AllowOverride None
      Options None
      Order allow,deny
      Allow from all
  </Directory>
  Apache parses all CGI scripts for the shebang line by default.
  This comment line, the first line of the script, consists of the symbols
  pound (#) and exclamation followed by the path of the program that
  can execute this specific script.  For a perl script, with perl.exe in
  the C:\Program Files\Perl directory, the shebang line should be:
     #!c:/program files/perl/perl
  Note you mustnot_ indent the actual shebang line, and it must be the
  first line of the file.  Of course, CGI processing must be enabled by
  the appropriate ScriptAlias or Options ExecCGI directives for the files
  or directory in question.
  However, Apache on Windows allows either the Unix behavior above, or can
  use the Registry to match files by extention.  The command to execute
  a file of this type is retrieved from the registry by the same method as
  the Windows Explorer would use to handle double-clicking on a file.
  These script actions can be configured from the Windows Explorer View menu,
  'Folder Options', and reviewing the 'File Types' tab.  Clicking the Edit
  button allows you to modify the Actions, of which Apache 1.3 attempts to
  perform the 'Open' Action, and failing that it will try the shebang line.
  This behavior is subject to change in Apache release 2.0.
  Each mechanism has it's own specific security weaknesses, from the means
  to run a program you didn't intend the website owner to invoke, and the
  best method is a matter of great debate.
  To enable the this Windows specific behavior (and therefore -disable- the
  equivilant Unix behavior), uncomment the following directive:
  #ScriptInterpreterSource registry
  The directive above can be placed in individual <Directory> blocks or the
  .htaccess file, with either the 'registry' (Windows behavior) or 'script'
  (Unix behavior) option, and will override this server default option.
  DefaultType: the default MIME type the server will use for a document
  if it cannot otherwise determine one, such as from filename extensions.
  If your server contains mostly text or HTML documents, "text/plain" is
  a good value.  If most of your content is binary, such as applications
  or images, you may want to use "application/octet-stream" instead to
  keep browsers from trying to display binary files as though they are
  text.
  DefaultType text/plain
  <IfModule mime_module>
  TypesConfig points to the file containing the list of mappings from
  filename extension to MIME-type.
      TypesConfig conf/mime.types
  AddType allows you to add to or override the MIME configuration
  file specified in TypesConfig for specific file types.
      #AddType application/x-gzip .tgz
  AddEncoding allows you to have certain browsers uncompress
  information on the fly. Note: Not all browsers support this.
      #AddEncoding x-compress .Z
      #AddEncoding x-gzip .gz .tgz
  If the AddEncoding directives above are commented-out, then you
  probably should define those extensions to indicate media types:
      AddType application/x-compress .Z
      AddType application/x-gzip .gz .tgz
  AddHandler allows you to map certain file extensions to "handlers":
  actions unrelated to filetype. These can be either built into the server
  or added with the Action directive (see below)
  To use CGI scripts outside of ScriptAliased directories:
  (You will also need to add "ExecCGI" to the "Options" directive.)
      #AddHandler cgi-script .cgi
  For type maps (negotiated resources):
      #AddHandler type-map var
  Filters allow you to process content before it is sent to the client.
  To parse .shtml files for server-side includes (SSI):
  (You will also need to add "Includes" to the "Options" directive.)
      #AddType text/html .shtml
      #AddOutputFilter INCLUDES .shtml
  </IfModule>
  The mod_mime_magic module allows the server to use various hints from the
  contents of the file itself to determine its type.  The MIMEMagicFile
  directive tells the module where the hint definitions are located.
  #MIMEMagicFile conf/magic
  Customizable error responses come in three flavors:
  1) plain text 2) local redirects 3) external redirects
  Some examples:
  #ErrorDocument 500 "The server made a boo boo."
  #ErrorDocument 404 /missing.html
  #ErrorDocument 404 "/cgi-bin/missing_handler.pl"
  #ErrorDocument 402 http://www.example.com/subscription_info.html
  EnableMMAP and EnableSendfile: On systems that support it,
  memory-mapping or the sendfile syscall is used to deliver
  files.  This usually improves server performance, but must
  be turned off when serving from networked-mounted
  filesystems or if support for these functions is otherwise
  broken on your system.
  #EnableMMAP off
  #EnableSendfile off
  Supplemental configuration
  The configuration files in the conf/extra/ directory can be
  included to add extra features or to modify the default configuration of
  the server, or you may simply copy their contents here and change as
  necessary.
  Server-pool management (MPM specific)
  #Include conf/extra/httpd-mpm.conf
  Multi-language error messages
  #Include conf/extra/httpd-multilang-errordoc.conf
  Fancy directory listings
  #Include conf/extra/httpd-autoindex.conf
  Language settings
  #Include conf/extra/httpd-languages.conf
  User home directories
  #Include conf/extra/httpd-userdir.conf
  Real-time info on requests and configuration
  #Include conf/extra/httpd-info.conf
  Virtual hosts
  #Include conf/extra/httpd-vhosts.conf
  Local access to the Apache HTTP Server Manual
  #Include conf/extra/httpd-manual.conf
  Distributed authoring and versioning (WebDAV)
  #Include conf/extra/httpd-dav.conf
  Various default settings
  #Include conf/extra/httpd-default.conf
  Secure (SSL/TLS) connections
  #Include conf/extra/httpd-ssl.conf
  Note: The following must must be present to support
        starting without SSL on platforms with no /dev/random equivalent
        but a statically compiled-in mod_ssl.
  <IfModule ssl_module>
  SSLRandomSeed startup builtin
  SSLRandomSeed connect builtin
  </IfModule>
  <b>ProxyPreserveHost On
  ProxyVia on
  ProxyTimeout 600
  #disable forward-proxying
  ProxyRequests Off
  #proxy /irj both ways
  ProxyPass /irj http://sapportal:50000/irj
  ProxyPassReverse /irj http://sapportal:50000/irj
  #ProxyPassReverse /irj http://testcomp/irj
  #proxy /logon both ways
  ProxyPass /logon http://sapportal:50000/logon
  ProxyPassReverse /logon http://sapportal:50000/logon
  #ProxyPassReverse /logon http://testcomp/logon</b>

• How to configure apache for ssl in windows platform

  hi all,
  can anyone help me expalin how to configure apache for ssl in windows platform.

  George,
  I would take the following 'first steps'
  1)Install Apache20 on your Windows machine following the Apache online documentation
  http://httpd.apache.org/docs-2.0/misc/tutorials.html
  2)Make sure you can 'serve up' static HTML content from your Apache Server
  3)Install Weblogic Server per our online documentation
  http://edocs.bea.com/wls/docs61/install/index.html
  4)Also, make sure you can 'serve up' both static and dynamic (e.g., JSP) content
  directly from WLS server
  5)Once you have both of the above 'sanity' checks attempt to configure a simple
  proxy by ppath or mime type via our online documentation
  http://edocs.bea.com/wls/docs61/adminguide/apache.html#103803
  Chuck Nelson
  DRE
  BEA Technical Support

• Setting apache reverse proxy for EP6SP2

  Hi friends,
  I want to set apache reverse proxy for EP6SP2. But after doing the following changes, it is showing the SAP J2EE Engine documentation page.
  The following changes has been dont to httpd.conf:
  NameVirtualHost 1.1.1.1:80
  <VirtualHost 1.1.1.1:80>
    ProxyRequests Off
    ServerName ep6.xyz.com
    ProxyPreserveHost On
    proxyPass        /  http://ep6.xyz.com:50000/
    proxyPassReverse /  http://ep6.xyz.com:50000/
    ErrorLog logs/base.80.error.log
    CustomLog logs/base.80.custom.log common
  </VirtualHost>
  Help needed.
  Regards,
  Nilz

  Hi,
  I have a problem with my proxy:
  ssl.conf.in like
  ProxyPass /irj http://debmsu06.server.###.de:50300/irj
  ProxyPassReverse /irj http://debmsu06.server.###.de:50300/irj
  RewriteRule ^/$ /irj/portal [R]
  If I use URL:
  https://bebuyer.###.de/ goto https://bebuyer.###.de/irj/portal
  but if I use
  https://bebuyer.###.de/irj/
  I get the info:
  https://bebuyer.###.de/irj/HTTPS:/bebuyer.###.de:443/irj/index.html
  What is happened? How I can redirect to /irj/portal?
  Of course I can use
  http://debmsu06.server.###.de:50300/irj/
  Could you please give me some tips?
  Best Thanks!
  Heren Zhou

• Apache as a reverse proxy for E-recruiting

  We are trying to use apache as a reverse procy for e-recruting. The call to the web proxy is being forwareded correctly but whereas if the page is opened directly on the e-recruiting box it opens a page with a bsp generated logon screen, when using the portal it generates a window dialog for logon and i the get the following message :
  BSP Exception: Das Objekt sap/bc/bsp/sap/hrrcf_start_int/sap/bc/bsp/sap/hrrcf_start_int/application.do in der URL /sap/bc/bsp/sap/hrrcf_start_int/sap/bc/bsp/sap/hrrcf_start_int/sap/bc/bsp/sap/hrrcf_start_int/application.do?sap-client=100&sap-language=EN&BspClient=100&BspLanguage=EN&rcfSpId=0003&rcfContext=LMUGEN ist nicht gültig.
  Has anyone done apache as a proxy for e-recruting who can share an example or offer any advice?
  Thanks

  Hi Richard,
  you can take this link as a starting point: /people/sap.user72/blog/2006/04/18/the-reverse-proxy-series--part-32-apache-as-a-complex-reverse-proxy
  In your case it seems to me that "/sap/bc/bsp/sap/hrrcf_start_int" gets concatenated 2 more times in your URL than it should.
  That looks like a loop resp. an apache directive which gets executed too often.
  regards, Norbert

• Reverse Proxy for OIF on iPlanet

  hi,
  I am trying to implement reverse proxy for OIF r3 Identity Provider on iPlanet.
  I configured the obj.conf of iPlanet accordingly.
  <Object name="passthrough1">
  Service fn="service-passthrough" servers="http://backendIDP.com:80"
  Error reason="Bad Gateway" fn="send-error" uri="C:/Sun/WebServer6.1/docs/badgateway.html"
  </Object>
  <Object Default>
  NameTrans fn="assign-name" from="/fed/" name="passthrough1"
  NameTrans fn="assign-name" from="/fed/*" name="passthrough2"
  </Object>
  when i tried the IDP initiated proxy url in a browser like (http://proxy.com/fed/idp/initiatesso?providerid=XXXXXXXX&returnurl=YYYY)
  immediately its being forwaded to backend Identity Provider for authentication like(http://backendIDP.com/sso/jsp/salogin.jsp?doneURL=/user/loginsso&refID=id-ysJ-7-1PR9k-QI2bg9zZkPdyHPw-)
  I was expecting that it is redirected to Proxy URL like (http://proxy.com/sso/jsp/salogin.jsp?doneURL=/user/loginsso&refID=id-ysJ-7-1PR9k-QI2bg9zZkPdyHPw-)
  At the end it is giving me null pointer exception instead of return URL "YYYYY"
  Does any one know how to fix the error.

  web or weblogic.xml files on your RPS needs to define for each case like if inbound port is 7011 then send it to PIA:7011 and http and the same for 7012 then send it to PIA:7012 and https. in the webprofile configuration for your RPS profile, set both https and http relative URLS. I believe you could start using this info and I am sure you could figure out the rest.

• Question on Apache as reverse proxy

  Hi, all.
  We are currently using Apache 2.2.10 as the reverse proxy for the EP 7.3.1. All of the apps are webdynpro for Abap based in ECC.
  In 2 of the WDA apps, we get intermittent blue circle of death. The user action can be totally random in the apps when they hit the problem. So far, we are not able to reproduce it. When the spinning circle happens, SM04 and SM50 in ECC show no activity from that user. There is nothing from SM21, ST05(abap and sql trace) or the dev_* trace files. I don't think SAP is running anything for that user when that happens. Ultimately, the user will get a "bad request" or HTTP 400 from the Apache server.
  Here is what I see from the apache access log and error log:
  [31/Jul/2014:23:50:26 -0400] TLSv1 AES128-SHA "POST /sap/bc/webdynpro/sap/ZR_SSEPP_OPERATIONAL_SCHEDULE;sap-ext-sid=VcFRQjFOvu8TJYp9gDoeAA--4x1GQAg0MPPjCUEQif5iWQ--?sap-contextid=SID%3aANON%3asapprd_PR3_03%3aezUnW-FXtaYVyXREaAD7rxW0k8o5pk_n9RfjPfcB-NEW HTTP/1.1" 400 3004 "https://xxxxx/sap/bc/webdynpro/sap/ZR_SSEPP_OPERATIONAL_SCHEDULE;sap-ext-sid=VcFRQjFOvu8TJYp9gDoeAA--4x1GQAg0MPPjCUEQif5iWQ--" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)" 706345611
  [Fri Aug 01 14:19:07 2014] [error] [client 10.4.53.198] (70014)End of file found: proxy: error reading status line from remote server xxxxxx, referer: https://xxxxx/sap/bc/webdynpro/sap/ZR_SSEPP_OPERATIONAL_SCHEDULE;sap-ext-sid=RaH2yjQlV6o7wVaj6wv6zA--LXTMFzjjKvcuwT*DXWoBmA--
  Have you seen this error before? If you are using apache as the reverse proxy, would you mind to share the parameters you have?
  Thanks,
  Jonathan.

  Hi, Lawrence.
  The reason I am posting is because we couldn't isolate the source of the problem. I know that the Apache server is 7 years old. But the apache team is only thinking of updating it to 2.2.27 until later this year, nevermind the version 2.4. Chances are there will be delays as the apache is shared by a lot of other non-sap apps.
  Would you be able to share your troubleshooting experience? How do you pinpoint that this is an Apache issue? Right now the Apache team is saying that this is an SAP issue. But since we cannot reproduce the problem and we are not allowed to take Apache out temporarily or selectively(as per Corporate policy), everything is possible.
  Thanks,
  Jonathan.

• How to configure apache to avoid risks while hosting your domain

  Hi all
  I am trying to host my personal site on my machine, and after configuring the personal web i am able to see the apache page when i go to my ip address (the real one, not the one from my router).
  Now, i have little experience with apache on pc, and i remember that there was a bunch of files to set up authentication, users allowed to log in into your site, restrictions to avoid that some guy will sneak on the machine and get out of the web folder....etc.
  Can someone please point me to the right info about how to configure apache on Leopard to avoid unwanted risks while simply hosting a site and a wiki?
  Thanks!

  Leopard client only has a User Interface to turn web sharing on or off. If you want to modify apache you have to do via the command line in the terminal client.
  Out of the box Leopard is configured so that only your sites folder is accessible. and the systemwide webfolder located at /Library/WebServer/Documents
  so if you want your sites folder to be accessible and not the main webserver folder can rename that folder to Documents.bak for example.

• How to configure Apache Virtual Hosts?

  Hi, I was wondering, how does configure Apache virtual hosts for Mac OS X Client 10.4.5? At this time, I have added
  NameVirtualHost *:80
  <VirtualHost *:80>
  ServerAdmin [email protected]
  DocumentRoot /Library/WebServer/Documents/janus
  ServerName janus.php.test
  ErrorLog /private/var/log/httpd/janus.php.com-error_log
  CustomLog /private/var/log/httpd/janus.php.com-access_log common
  </VirtualHost>
  Finally, when I try to use the name in the browser, I get the following error message:
  Safari can’t find the server.
  Safari can’t open the page “http://janus.php.test/” because it can’t find the server “janus.php.test”.
  Well, I must go and thanks in advance.
  Peace,
  -Conrad

  If you want to use the fqdn you defined and can/do not want to register it as a Internet Domain you can add it to the hosts file in /etc/hosts if you are comfortable using terminal and the shell
  open a terminal
  and use the following commands
  cd /etc
  sudo vim hosts
  (you will be prompted for your password here, enter it and hit return)
  in vim scroll to the last line which will look like
  ::1 localhost
  type
  i
  (you are now in insert mode)
  type the following line
  192.168.0.15 janus.php.test
  (replace the ip address with the ip address of the host in question)
  hit Control-C
  type
  :w (vim will confirm in the last line)
  type
  :q
  you are back at the terminal
  test your new hosts file by typing
  ping janus.php.test
  Hope this helps
  Mike