O-Portal behind reverse proxy, aliasing of o-portal url to generic url.

I'd like to setup o-Portal behind a reverse proxy. This is a proxy service which accepts connections on http://a.b.com/ and gets the content from internal webservers based on the url. For example http://a.b.com/pls/DAD1 comes from an o-Portal server but http://a.b.com/depts/ comes from a webserver. The problem with o-Portal is now, that it creates pages with its servername and port in the URL of the pages it serves out. For example, if it runs on server x.b.com on the port 7777 the links on all pages are http://x.b.com:7777/pls/DAD1. To get it to work correctly with my proxy, all these links should be http://a.b.com/pls/DAD1 and then the proxy gets the pages from http://x.b.com:77777/pls/DAD1.
How do I tell o-Portal to create this different URL in its pages? You could also say, I'd like to alias http://a.b.com/pls/DAD1 to http://x.b.com:77777/pls/DAD1
I'm sure there is a configuration setting to change this. We had the same problem with Oracle HR11i and there we got it solved.
Web Single Sign On applications like IBM WebSeal or Netegrity Siteminder use these kind of proxies to protect the intranet and to create a Single Sign On domain for all web servers.
Thanks,
Rainer

I also would like overcome this issue. I could not find an answer anywhere on Metalink or OTN.
Can a reverse-proxy (i.e. using ProxyPass & Reverse) be used with and internal Portal?
John Z
Butler Mfg. Co.
[email protected]

Similar Messages

  • Reverse Proxy from Apache to portal to 2 different ITS Systems

    We're using Apache 2 webserver and we've enabled reverse proxy from our proxy server to our Enterprise Portal 7.0.  We have transaction iviews for different systems, an ECC 6.0 and CRM 5.0.  We are using the integrated ITS for these systems provided with basis version 7.0.  We have all the necessary ports open in the firewall.  I know how to configure the proxy when there's only one ITS server, but how would I do it for two (the ECC and CRM system)?

    We have integrated ITS.  I am not sure I understand where you are going with globalr.srvc file.  We have two systems that we want to hit from the portal via reverse proxy.  One is the ECC system and the other CRM 5.0.  In our portal we use the integrated ITS for each system:
    ECC sytem:
    http://ecc.system.com:8001/sap/bc/gui/its/sap/webgui
    CRM sytem:
    http://crm.system.com:8001/sap/bc/gui/its/sap/webgui
    The issue is how would I map to both ITS from the Apache reverse proxy

  • Help with Apache Reverse Proxy configuration with SAP Portal and SAP Webgui

    Dear Experts,
    I have an issue configuring Apache to work with SAP Portal and ERP webgui. Accessing Portal through Reverse Proxy is working fine. But the problem arises when we try to open an iView ERP webgui transaction page from Portal with the Reverse Proxy. Have anyone implemented similar requirements and could advice on the configuration required on the Apache side? Thank you

    hi,
    pls check the below links for reference:
    https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/24396589-0a01-0010-3c8c-ab2e3acf6fe2
    searchsap.techtarget.com/searchSAP/downloads/chapter-december.pdf
    1)Learn to implement the reverse proxy filter and portal gateway in SAP Enterprise Portal 6.0 on Web Application Server 6.40.
    https:/.../irj/sdn/nw-portalandcollaboration?rid=/webcontent/uuid/006efe7b-1b73-2910-c4ae-f45aa408da5b
    .2 )Configuring the Portal for Your Reverse Proxy Filter Solution . ... This document describes the reverse proxy filter mechanism in SAP Enterprise ...
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/32ad9b90-0201-0010-3c8a-c900cd685f8f
    3)have full reverse proxy functionality. Possibly. filter. requests. Internet ... Reverse proxy (optionally with authentication etc.) ...
    https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/c066c390-0201-0010-3cba-cd42dfbcc8be
    Note:please reward points if solution found helpfull
    Regards
    Chandrakanth.k

  • How to change Script path for Reserved.ReportViewerWebControl.axd when working behind reverse proxy?

    Hi,
    My application works behind a reverse proxy which has polices for secure and unsecure areas of the application. Architecture and Infra team is not willing to allow any root level policies in any case
    When report viewer control is rendered on the page, it is adding a reference to the http handler Reserved.ReportViewerWebControl.axd in the script tag and the URL is at the root level. Unfortunately like other AjaxControlToolkit web resources I cannot modify
    the URL to refer to the local script using ScriptManager.
    Do we have any other property / means by which I can get this altered.
    It is so unfortunate that the Microsoft.ReportViewer.WebForms assembly resources like scripts etc are not exposed as webresource at the assembly level and there is no way to modify this.
    Does anyone has any solution to this?
    Appreciate your help
    Thanks in advance
    Badal

    Hi Badal,
    Thank you for your question.
    I am trying to involve someone more familiar with this topic for a further look at this issue. Sometime delay might be expected from the job transferring. Your patience is greatly appreciated.
    Thank you for your understanding and support.
    Thanks,
    Alisa Tang
    If you have any feedback on our support, please click
    here.
    Alisa Tang
    TechNet Community Support

  • Unable to set session in Oracle Portal useing reverse proxy

    I have deployed a reverse proxy (using Oracle HTTP Server) in front of a Oracle Portal Install (version 10.1.2.0.2). The steps followed to set this up came from the following documents:
    Steps mentioned in Section 9.2 Configuring a Reverse Proxy for OracleAS Portal and OracleAS Single Sign-On for a reverse proxy on a Oracle HTTP Server.
    http://download-west.oracle.com/docs/cd/B14099_15/core.1012/b13998/variants.htm#ASTED005
    Also performed steps mentioned in -> Section 5.3.7 - Step 7: Enable Session Binding on OracleAS Web Cache of the Oracle® Application Server Portal Configuration Guide 10g Release 2 (10.1.2) -- B14037-03.
    My current (example names shown only)setup details are as follows:
    Reverse Proxy for SSO server (running on internal.oracle.com:7777): proxy.oracle.com:7777
    Reverse Proxy for Portal server (running on internal.oracle.com:7778): proxy.oracle.com:7778
    With the above steps completed, I can successfully use the http://proxy.oracle.com:7777/pls/orasso for login into SSO without any issues.
    Users get authenticated successfully.
    I can also use http://proxy.oracle.com:7778/pls/portal for viewing pages on the portal fine . All self referencing links have also been successfully modified to point to proxy.oracle.com:7778.
    However, an attempt to login in the portal is not successful. Clicking on the 'Login' link successfully redirects to the SSO login page (http://proxy.oracle.com:7777/<login-page>). However, after successful authentication, the success page fails to show up and the user gets shown the initial login portal home page again.
    There are no error messages shown on the screen.But it seems that user session is failing to be initiated/set correctly, as shown by the log file (in $PORTAL_ORACLE_HOME/j2ee/OC4J_Portal/application-deployments/portal/OC4J_Portal_default_island_1/application.log ):
    06/11/21 16:49:31 portal: [module=RepositoryServlet, ecid=83928411196,1] Repository Gateway: LWUser: PUBLIC, Cookie: oracle.uix=0^^GMT+10:00;
    portal=9.0.3+en-au+us+AUSTRALIA+22BC75924EEAD8A2E040007F010019F7+8DAC5E3559C95F5E0090A6F56FFA58192CB0F437CA57A9102A6394F1EB7FAB5DEE3BFA12C65
    91C0C009B6......
    06/11/21 16:49:31 portal: [module=RepositoryServlet, ecid=83928411196,1] ERROR: Repository Gateway error: Database Error: ORA=20001 ORA-20001:
    Unable to obtain session information from the cookie. Please close your browser and reconnect.
    ORA-06512: at "PORTAL.WPG_SESSION", line 149
    ORA-06512: at line 22
    Any help with this will be appreciated.
    Thanks.

    Hi Chris,
    The begin of the expection stack gives you the reason:
    06/11/03 09:13:59 java.sql.SQLException: The method 'setSavepoint' cant be called when a global transaction is active
    The reason is, that either the whole global transaction must be commited or rollbacked.
    I don't know your actual configuration, but between the methods begin() and commit()/rollback() of the UserTransaction instance, OC4J/OracleAS uses a global transaction (= XA transaction) in your configuration. The state of a global transactions is completely under the control of the application server and several restrictions must be considered. One of them is, that you can't use the method setSavePoint/. E.g. you can't also call the method setAutoCommit(true) in this state, or change the transaction isolation level via setTransactionIsolation(newLevel).
    This is NOT a limitation of the OC4J/OracleAS but is true for ALL application servers.
    P.S. I can successfully set savepoints and rollback to savepoints in weblogic 9.0This means, that WebLogic 9.0 doesn't use a global transaction in this case.
    Because I don't know your configurations (Oracle and WebLogic) I can't say, why the behave different in this situation.
    Best,
    Manfred

  • Reverse Proxy with Firewall on Portal R2

    We are trying to configure Oracle Portal R2 in the reverse proxy mode. We have a Sun Enterprise 250 used in a single machine configuration. (Infr. and Mid tier on same machine)
    The webcache server is listening on server.company.com:7781
    The portal server is listening on server.company.com:7782
    The login server is listening on server.company.com:7780
    The proxy server is listening on www.company.com:81
    According to the Oracle Portal Config Guide we have followed the steps to configure Apache (inclusion of the virtual hosts, etc) and run the ptlasst script to reconfigure portal. While portal responds correctly on www.company.com:81 when i try to log on using the login link I get redirected to server.company.com:7780/...
    Obviously everything seems to be ok from within the LAN since i can see server.company.com, but via internet it doesnt work.
    Here is how we run the script:
    ./ptlasst.csh -mode MIDTIER -host www.company.com -port 81 -chost server.company.com -cport_i 4007 -i custom -c server.company.com:1521:iasdb -pwd xxxxxx
    How can we correct this problem? Do we need to run any other script?

    Hi Suraj,
    The following is the problem.
    We have Sun Enterprise 450 on which Oracle 9iAS Release 2 installed and we are trying to use reverse proxy plugin with iplanet, being installed on windows machine. In the hosts file i have mentioned the following required parameters ie.,
    oproxy.serverlist=ias1
    oproxy.ias1.hostname=http://192.168.1.12 - where Oracle 9iAS is installed
    oproxy.ias1.port=7779
    oproxy.ias1.urlrule=/*
    oproxy.ias1.alias=http://myoracleportal.peesh.com
    oproxy.ias1.stripcontext=false
    and whenever i restart iplanet server after this, here is the following log information.
    06/26/2002 11:57:52 AM: [op_nsapi_plugin.c (296)]: op_init: log_file=e:/iPlanet/https-pncl-hcl028-053.pinnacle.com/logs/oproxy.log server_file=e:/iPlanet/https-pncl-hcl028-053.pinnacle.com/config/servers/oracleProxyPluginInfo.conf
    06/26/2002 11:57:52 AM: [op_uri_map.c (128)]: Into op_uri_map_t::uri_map_alloc
    06/26/2002 11:57:52 AM: [op_uri_map.c (162)]: Into op_uri_map_t::uri_map_open
    06/26/2002 11:57:52 AM: [op_worker_list.c (37)]: op_worker_list_init: propfile=e:/iPlanet/https-pncl-hcl028-053.pinnacle.com/config/servers/oracleProxyPluginInfo.conf p=0x00DC8828 l=0x00DBDA70
    06/26/2002 11:57:52 AM: [op_worker_list.c (45)]: op_worker_list_init: numservers=1
    06/26/2002 11:57:52 AM: [op_worker_list.c (57)]: op_worker_list_init: inside loop, serverlist[0]=ias1
    06/26/2002 11:57:52 AM: [op_worker_list.c (73)]: op_worker_list_init: hostname=http://192.168.1.12
    06/26/2002 11:57:52 AM: [op_worker_list.c (82)]: op_worker_list_init: port=7779
    06/26/2002 11:57:53 AM: [op_uri_map.c (192)]: op_uri_map_t::uri_map_open, rule map size is 0
    06/26/2002 11:57:53 AM: [op_uri_map.c (325)]: op_uri_map_t::uri_map_open, done
    06/26/2002 11:57:53 AM: [op_nsapi_plugin.c (304)]: op_init: exiting
    I have a feeling that "oracle_proxy_nes.dll" maintains all the .conf file information in a stack, whose size is 0.
    pls see interpret this log the way you see.
    thanks in advance,
    gupta

  • Cannot access the content producer portal via reverse proxy

    Hi all,
    I hope my post is in the right forum
    We have an FPN environment using RRA with our EP (NW 7.0 SPS18) as the consumer and our BI portal (NW 7.0 SPS18) as the content producer.  The consumer is registered with the producer using HTTP protocol.  Everything works as expected.
    We're trying to implement an Apache reverse proxy for our FPN with SSL termination so that we can access the portals from the Internet with HTTPS protocol while keeping HTTP protocol for the internal users.
    Through the reverse proxy, we can access the consumer portal and we can access the producer portal directly without any problem.  The only problem is that, if we logged onto the consumer via the reverse proxy, we cannot access the content from the producer.  We'd get the browser security warning message
    "Although this page is encrypted.  The information you have entered will be sent over an unencrypted connection. ..."
    When we hit the Continue button, we'd get the eror 404 Not Found - The request resource does not exist.
    Our Unix admin tried both Apache and SAP Web Dispatcher but we couldn't get it to work properly.  We went through a lot of blogs and documents and we are at our wits end.  We would greatly appreciate if someone can point out where we should look at.
    Thank you very much in advance.
    Dao

    Hi Kevin,
    Unfortunately, our Unix admin thinks you missed the point because my question was not clear enough
    We do not have problems with the "correct name" in the reverse proxy and our main SSL termination works fine. 
    It's just that the consumer is registered with the producer using HTTP protocol; as a result, the producer's URL link is 'hard-coded' to use HTTP protocol in the consumer portal since we are not using SSL in the internal network.  Hence, we'd like to know if there's any way to change them to HTTPS for the Internet clients while keeping the HTTP protocol for the internal users.
    I hope I made it clearer this time
    Regards,
    Dao

  • Peoplesoft Portal with Reverse Proxy, content provider also need RP?

    Hello there,
    I need your help, I am currently implementing a PS Portal, I set my CRM as content provider, for safety reasons public access portal is configured using a reverse proxy (rp), my question is: Is there a different option to configure the CRM also with reverse proxy? as static content generated by CRM are then shown through the Website Portal (already rp),
    Thanks and regards.
    Alexander C.

    I also would like overcome this issue. I could not find an answer anywhere on Metalink or OTN.
    Can a reverse-proxy (i.e. using ProxyPass & Reverse) be used with and internal Portal?
    John Z
    Butler Mfg. Co.
    [email protected]

  • Portal with reverse proxy

    I have been trying to implement my portal with a reverse proxy as described in the whitepaper Oracle9iASPortal Configuration Options dated Dec 2000. It hasn't gone well. I did get it to work on a plain portal with no users or customizations but now when I try to set it up with a portal with minor configuration changes, it no longer works thru the reverse proxy. Has anyone had success using Oracle9iASPortal v 1.0.2.1 with a reverse proxy?

    The 9.0.4 Portal Configuration Guide has a section about setting this up:
    5.6 Configuring Reverse Proxy Servers
    The 9.0.4 documentation library can be found on OTN:
    http://www.oracle.com/technology/documentation/appserver10g.html

  • ACE behind Reverse Proxy - performance issue

    Hi,
      I've got a config working to accommodate the required use of reverse proxy servers infront of my application servers.  Traffic comes into the Front ACE and I insert a header "SRCIP" with the original client IP address which is preserved through the Rev Proxy servers and is then inspected on the Back ACE to create a sticky to a given application server/SRCIP pairing.  The use of the RP's appears to require using the persistence-rebalance option otherwise the traffic get stuck to the wrong app server.  The app functions perfectly with this config; however, there is a severe performance impact.  Using load-runner, we see response times go from 1.5 seconds to 16 seconds for the same transactions comparing this config to a previous config which used static sticky to bind the RP to the app servers..
    Question:  Is there a better way to do this and remain dynamic, or some way to optimize this approach to reduce the performance impact.
    Relevant Config for both ACE's here:
    !!Front ACE
    parameter-map type http HTTP_REBAL
      persistence-rebalance
      length-exceed continue
    sticky ip-netmask 255.255.255.255 address source ALPHA-SRCIP-sticky
      timeout 60
      replicate sticky
      serverfarm ALPHA
    policy-map type loadbalance first-match vip-R1A-ALPHA
      class class-default
        sticky-serverfarm ALPHA-SRCIP-sticky
        insert-http SRCIP header-value "%is"
    policy-map multi-match PREP-VIP
      class VIP-ALPHA-R1A
        loadbalance vip inservice
        loadbalance policy vip-R1A-ALPHA
        appl-parameter http advanced-options HTTP_REBAL
        ssl-proxy server SSL_ALPHA_R1A
    !!Back ACE
    parameter-map type http HTTP_REBAL
      persistence-rebalance
      length-exceed continue
    sticky http-header SRCIP ALPHA-SRCIP-sticky
      timeout 60
      replicate sticky
      serverfarm coresoms-ALPHAfarm
    class-map type http loadbalance match-all SRCIP-MAP
      2 match http header SRCIP header-value ".*"
    policy-map type loadbalance first-match vip-lb-ALPHA
      class SRCIP-MAP
        sticky-serverfarm ALPHA-SRCIP-sticky
    policy-map multi-match lb-vip
      class VIP-ALPHA
        loadbalance vip inservice
        loadbalance policy vip-lb-ALPHA
        appl-parameter http advanced-options HTTP_REBAL

    Hi Joseph,
    To achieve this you need to do stickiness based on some L7 parameter (either the header you are currently using or some cookie), so, whatever you do you will have to use persistence rebalance.
    I have one possible theory for your issue.
    The ACE has two different ways of treating the L7 connections internally, that we call "proxied" and "unproxied". In essence, the proxied mode means that the traffic will be processed by one of the CPU (normally to inspect/modify the L7 data), while, on the unproxied mode, the ACE sets up a hardware shortcut that allows forwarding traffic without the need to do any processing on it.
    For a L7 connection, the ACE will proxy it at the beginning, and, once all the L7 processing has been done it will unproxy the connection to save resources. Before it goes ahead with the unproxying, it needs to see the ACK for the last L7 data sent. This wait, on a Internet environment can introduce around 100-200ms of delay for each HTTP request, which can end up adding into a very big delay. By default, if the ACE sees that the RTT to the client is more than 200ms, the connection will never be unproxied to avoid these delays, so I think we could fix your issue by tweaking this threshold.
    From what you described, I asssume you don't have many connections (because they all come through a proxy) and that the connections will have a lot of HTTP requests inside. With that in mind, I would suggest setting the threshold to 0 to ensure to keep connections always proxied. To do this, you would nee to configure a parameter map like the one below and add it to your VIP
        parameter-map type connection
          set tcp wan-optimization rtt 0
    Even though this setting may avoid your issue, it also has some drawbacks. The main one is that the ACE20 only supports up to 512K simultaneous L7 connections in proxied state (which includes also the connections towards the servers, so, it would be 250K for client connections), so, if the amount of simultaneous connections reaches that limit, new connections would be dropped. The second issue, although not so impacting, would be that the maximum number of connections per second supported would also go down slightly due to the increased processing needed.
    I hope this helps
    Daniel

  • Apache installation for reverse proxy in linux for portal

    dear all,
    can u please guide me where to download the openssl apache foe linux for the reverse proxy
    regards
    revanth

    Google is your friend...
    It will take 15 seconds !
    Regards,
    Olivier

  • Portal 10.1.2 with reverse proxy

    Hi,
    Does anybody configure Portal 10.1.2 working with reverse proxy behind the firewall?
    I tried using generic docs and Metalink Notes 270160.1, 262451.1, unsuccessful.
    I ended with SSO not starting at all.
    Now i have fresh install without proxy and I am looking for some success reference.
    Thanx
    Jiri

    What are you going to use for the Reverse Proxy?
    1) Apache
    2) Oracle Isapi IIS Plugin
    3) Oracle HTTP Server
    4) Webcache
    I've been dealing with basically #1, #2 for the past month so I could have some info for you there. How is your MT's / Infra configured? same server, different servers? Will the proxy be in another server? Do you have webcache running?
    I would suggest making sure it works internally first with the name that you want before putting the reverse proxy infront of it. I have 1 URL that works now both internally and externally though a reverse proxy.
    It sounds like your having some SSO configuration related issues with your name. These are somewhat difficult to troubleshoot, so if needed open a TAR and Oracle Support can pretty quickly help you resolve those.

  • Reverse Proxy and SLD on an Enterprise Portal 7.0

    Hi
    I need to configure SLD and Reverse Proxy on an Enterprise Portal Server.
    How do i do this...
    can you refer me to the applicable guides
    Thanks
    Kalyan

    Hello,
    Thank you to interest to my problem.
    Browser -
    SSL----
    > Firewall/DMZ (No SSL termination, all traffic forwarded to ISA Server). Yes but there is a port translation port 443 to 50201
    Firewall/DMZ -
    SSL----
    > ISA Servrer -- (SSL Termination)--. IN fact it is noit the ssl terminaison. But from this point the url is modify to reach the host with EP7.0
    ISA Server--SSL--
    > EP7.0 (port 502010) When I test my configuration I have the Message web page not found. With a capture software i have verified that the request is sent to my EP 7.0( url2). But no logon page appeares.  With the modification on line of the HTTP provider in the dispatcher, i have checked that the response contains the URL1 and the standard port. But none web page is displayed.
    Thank you for your help.
    Regards,
    Julien

  • How to Install Apache 2.x with ssl on solaris 8/9 for reverse proxy

    Hi,
    I need to install Apache 2.x on solaris , along with mod_ssl and openssl . I am not sure where to find the required version for solaris and also where to find openssl and mod_ssl for installation for 2.x.
    I need this for configuring reverse proxy pointing to the Portal.

    Harish,
    I think, I don't get your problem...
    the files are available at http://www.apache.org (binaries and source)
    http://www.artfiles.org/apache.org/httpd/binaries/solaris/
    openssl at http://www.openssl.org
    mod_ssl at http://www.modssl.org
    kr, achim

  • Reverse proxy with apache2

    Hi folks,
    I have a huge problem here. I have a apache 2.0.50 on a Linux system that is to act as a reverse proxy for an enterprise portal. I have set up the apache to do reverse proxying and so far I have made first success. I can get to the login page of the portal and I even managed to make it show the images. The problem is, when I try to log on to the  portal I am always send back to the logon page in the very instance. If I enter the wrong logon information I see the authorization failed text, but when I enter correct information I only see the logon page again.
    I will put tyhe relevant part of my httpd.conf to this message and hope someone can point me to the right location or maybe even tell me what I'm doing wrong.
    And ny the way, the portal itself works perfectky when connected directly.
    Kind regards,
       Christian Guenther
    Reverse proxy configuration ############################################
    NameVirtualHost 172.30.210.96
    <VirtualHost 172.30.210.96>
       ServerAdmin [email protected]
       ServerName host.external.de
    SSL is turned off at the moment
       SSLEngine Off
       SSLCertificateFile /etc/apache2/ssl.crt/proxy.cert.cert
       SSLCertificateKeyFile /etc/apache2/ssl.key/proxy.cert.key
    Set up as a proxy for internal SAP systems
       ProxyRequests Off
       ProxyPreserveHost Off
       <Proxy *>
          Order deny,allow
          Allow from all
       </Proxy>
    IRJ
      <Location /irj/>
        ProxyPass http://host.internal.lan:8001/irj/
        ProxyPassReverse http://host.internal.lan:8001/irj/
    rewriting rules for proxy
        RewriteEngine On
        RewriteCond %  \.jsp
        RewriteRule ^(.+) % [P]
        RewriteCond % \.servlet
        RewriteRule ^(.+) %
    Portal
    rewriting rules for proxy
    [P]
      </Location>
      <Location />
        ProxyPass http://host.internal.lan:8001/
        ProxyPassReverse http://host.internal.lan:8001/
        RewriteEngine On
        RewriteCond %  \.jsp
        RewriteRule ^(.+) % [P]
        RewriteCond % \.servlet
        RewriteRule ^(.+) % [P]
      </Location>
    </VirtualHost>

    This is a valid configuration for an Apache Reverse Proxy:
    ThreadsPerChild 250
    MaxRequestsPerChild  0
    ServerRoot /usr/local/apache2
    Listen 443
    #LoadModule dir_module modules/mod_dir.so
    LoadModule rewrite_module modules/mod_rewrite.so
    LoadModule include_module modules/mod_include.so
    #LoadModule autoindex_module modules/mod_autoindex.so
    LoadModule access_module modules/mod_access.so
    #LoadModule auth_module modules/mod_auth.so
    LoadModule log_config_module modules/mod_log_config.so
    #LoadModule mime_module modules/mod_mime.so
    #LoadModule env_module modules/mod_env.so
    #LoadModule headers_module modules/mod_headers.so
    #LoadModule setenvif_module modules/mod_setenvif.so
    LoadModule alias_module modules/mod_alias.so
    LoadModule proxy_module modules/mod_proxy.so
    LoadModule proxy_http_module modules/mod_proxy_http.so
    LoadModule negotiation_module modules/mod_negotiation.so
    LoadModule ssl_module modules/mod_ssl.so
    ServerAdmin [email protected]
    ServerName your.servername.com
    UseCanonicalName Off
    make sure zou include these with valid entries...
    Include conf/log.conf
    Include conf/mime.conf
    Include conf/default.conf
    Include conf/ssl.conf
    BrowserMatch "Mozilla/2" nokeepalive
    BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
    BrowserMatch "RealPlayer 4\.0" force-response-1.0
    BrowserMatch "Java/1\.0" force-response-1.0
    BrowserMatch "JDK/1\.0" force-response-1.0
    BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
    BrowserMatch "MS FrontPage" redirect-carefully
    BrowserMatch "^WebDrive" redirect-carefully
    BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
    BrowserMatch "^gnome-vfs" redirect-carefully
    BrowserMatch "^XML Spy" redirect-carefully
    BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
    this is for the MS IE SSL bug
    BrowserMatch ".MSIE." nokeepalive ssl-unclean-shutdown downgrade-1.0#
    force-response-1.0
    Header add P3P CP="NOI"
    Proxy with caching
    LoadModule cache_module modules/mod_cache.so
    LoadModule disk_cache_module modules/mod_disk_cache.so
    CacheRoot /usr/local/apache2/Cache
    CacheEnable disk /
    CacheDirLevels 5
    CacheDirLength 3
    <VirtualHost *:443>
        ServerName your.servername.com
        ServerAdmin [email protected]
    Set the level of log entries - debug produces A LOT of messages
        LogLevel debug
        ErrorLog logs\error.log
        LogFormat "%h %l %u %t \"%r\" %>s %b" common
        CustomLog logs\access.log common
    NEVER turn this On, it would create a forward proxy   
        ProxyRequests Off
        ProxyPreserveHost On
    it is important that the proxy uses active protocol used in the
    internet section of the request
        RequestHeader set ClientProtocol https
        Header add P3P CP="NOI"
    we need to answer HTTPS requests, so we need an ssl engine   
        SSLEngine On
    and a cipher suite plus certificate
        SSLCipherSuite ALL:!ADH:!EXPORT56:RC4RSA:HIGH:MEDIUM:LOW:SSLv2:EXP:+eNULL
        SSLProtocol all -SSLv2
    of course these entries have to be adopted
        SSLCertificateFile conf/certs/server.crt
        SSLCertificateKeyFile conf/certs/server.key
        SSLOptions +StdEnvVars
    this is for the bloody MS IE - I don't know why, but they seem to
    have trouble learning in redmond
        BrowserMatch ".MSIE." \
             nokeepalive ssl-unclean-shutdown \
             downgrade-1.0 force-response-1.0
        CustomLog logs/ssl_request.log \
              "%t %h %x %x \"%r\" %b"
    below are the proxied hosts - you always need ProxyPass
    AND ProxyPassReverse otherwise it will not work correctly
    ITS
        #ProxyPass /iac/               http://itsserver:8081/iac/
        #ProxyPassReverse /iac/          http://itsserver:8081/iac/
    direct portal connection              this ought to be the IP
        ProxyPass /irj/               http://10.8.1.14:50000/irj/
        ProxyPassReverse /irj/          http://10.8.1.14:50000/irj/
        ProxyPass /logon/               http://10.8.1.14:50000/logon/
        ProxyPassReverse /logon/          http://10.8.1.14:50000/logon/
    Rewrite Rule in case ICM puts session information in URL
    NEVER REALLY HARMS
        RewriteEngine On
        RewriteRule  ^/(sap\(.*) http://10.8.1.14:50000/$1 [P,L]
        #ProxyPass /chooselogin/          http://10.8.9.0:50000/chooselogin/
        #ProxyPassReverse /chooselogin/     http://10.8.9.0:50000/chooselogin/
    </VirtualHost>

Maybe you are looking for