OHS to Weblogic Reverse Proxy configuration Problem

Similar Messages

• Reverse Proxy Configuration - Apache as an SSL reverse-proxy

  Hi,
  We have EP 6.0 SP 14 installed with SSL configured.
  We are in need to open the application to internet.
  For the same we have set up a reverse proxy server (Apache as SSL
  Reverse Proxy).
  Our requirement is to open the application to the internet with
  web address https://abc.domain.com.
  The issue is we are able to access the application from internet only when
  https://abc.domain.com/irj/potal is typed.
  (ie.) Mapping is working fine for
  https://abc.domain.com/irj/portal to
  our EP Portal address https://abc2.domain.com:50001/irj/portal
  And not working for mapping https://abc.domain.com to our EP Portal
  address https://abc2.domain.com:50001/irj/portal
  We have been working on to resolve this issue for days together but have been really unsuccessful
  Kindly help us in resolving the same asap.
  Note : The references we used are:
  1. SAP's document:
  "Apache Reverse Proxy Configuration for J2ee 6.20 and 6.40 Web Applications"
  2. Weblogs:
  The Reverse Proxy Series -- Part 1: Introduction
  The Reverse Proxy Series -- Part 3: Apache as a reverse-proxy
  The Reverse Proxy Series -- Part 3.1: Apache as an SSL reverse-proxy
  Regards,
  venkat.

  Thanks much for the feedback. We're using the default settings on the HTTP rule we have set up for the portal on the ISA server. We'll be looking into the details of what the default rule settings are, however we did find a note in the Microsoft Knowledge base detailing with the ISA server screening high bits in URL strings for Outlook Web Access (OWA). This generates a similar error message. Here is the link to the detailed note on the Microsoft web site:
  http://support.microsoft.com/?scid=kb;en-us;837865
  Also,we are going to be applying the SP1 upgrade to the ISA server (released in March) to see if this might be some type of issue that may have been identified and corrected by the service pack. We'll see what happens with that.
  One area where we can recreate the problem at will is when we set up the system landscape configuration. We can navigate to a system configuration object, however when we attempt to right click to edit the object we get the error. There are other circumstances where we get errors but that is one that occurs for sure. Anyone have any idea as to what might be special about that type of transaction??
  Thanks again.
  Rich

• Forward parameters in reverse proxy configuration

  Hi,
  Looking at the detailed configuration in a reverse proxy rule in SJSWS, I have derived the following conclusions:
  1) Where the SJSWS listener has SSL-enabled, reverse proxy works on a HTTPS in, HTTP out basis.
  2) Details in the incoming request's SSL header, such as User DN, will be stripped out and remapped into the outgoing request as a custom header, e.g. "Proxy-user-dn".
  Can anybody tell me if I have gotten anything wrong above?
  We are currently switching over from an Apache/mod_proxy/mod_ssl --> Apache/mod_jk --> Apache Tomcat server setup to a hybrid model where SJSWS is the web server reverse proxying to Tomcat (old apps) and SJSAS (new apps).
  My question:
  All our apps use the User DN string as the user ID. Previously, we developed a custom module in Apache to read the DN at the Apache level and then rewrite it into the Basic Auth user name header in the outgoing request. The Tomcat webapp will then authenticate the user based on the Basic Auth user name property. Is it possible for me to remap it into something similar here in the SJSWS reverse proxy configuration?
  Thanks!
  Wong

  I am not a reverse proxy expert, but this Object-type SAF should forward userdn
  http://docs.sun.com/app/docs/doc/820-1062/6ncoqnq3b?l=en&a=view&q=forward-user-dn
  You can look for more such SAFs in this document.

• SAP Webdispatcher - Reverse Proxy Configuration

  Hi All,
  Need your help in configuration SAP Webdispatcher as reverse proxy. Currently we are using Apache as reverse proxy, but we are facing 400 Bad Request error and not able to solve the issue.
  So We are planning to install Webdispatcher and configure reverse proxy and test.
  Below is the Apache Reverse proxy configuration. Need help in configuring the same parameters in SAP Webdispatcher
  ProxyPass /sap http://srmerver:8000/sap
  ProxyPass /SRM-MDM  http://mdmserver:50100/SRM-MDM
  ProxyPass /mdmimages http://portalserver:8090/mdmimages
  ProxyPass /irj http://portalserver:50100/irj
  ProxyPass /saml2 http://portalserver:50100/saml2
  ProxyPass / http://portalserver:50100/　
  ProxyPassReverse /sap http://srmserver:8000/sap
  ProxyPassReverse /SRM-MDM  http://mdmserver:50100/SRM-MDM
  ProxyPassReverse /mdmimages http://portalserver:8090/mdmimages
  ProxyPassReverse /irj  http://portalserver:50100/irj
  ProxyPassReverse /saml2 http://portalserver:50100/saml2
  ProxyPassReverse /  http://portalserver:50100/
  Regards
  Ponnusamy

  Hi
  Kindly refer the SCN link
  How to...Configure SAP Webdispatcher as a reverse proxy
  http://basisondemand.com/Documents/Whitepaper_on_SAP_Web_Dispatcher.pdf
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/a015cea3-9627-2e10-a792-8f39e3d0b59d?QuickLink=index&…
  Regards
  Sriram

• Reverse Proxy Configuration Help

  I am running OFM 11.1.1.6.
  Web Cache is running on port 8888.
  Portal's OHS (the WebCache origin server) is running on 7777.
  Reports' OHS (for /reports/rwservlet) is running on 8890.
  Non-Oracle Apache 2.2 is running as a reverse SSL proxy for Portal on port 443.
  I want to configure this reverse proxy so that it appears to the end user that the reports server is also running in HTTPS on port 443, instead of on port 8890. Can anyone please give me a tip on how to set this up?
  In my httpd.conf for my Apache reverse proxy server, I have this within my main SSL virtual host:
  ProxyPassReverse / http://hostname:8888/
  ProxyPreserveHost On
  RewriteEngine On
  RewriteRule ^/(.*) http://hostname:8888/$1 [P]Do I need to add an additional virtual host for the proxy to the reports server? Or can I include it in this same virtual host? I've tried the following, but couldn't get it to work:
  ProxyPassReverse /reports/rwservlet/ http://hostname:8890/reports/rwservlet/
  ProxyPassReverse / http://hostname:8888/
  ProxyPreserveHost On
  RewriteEngine On
  RewriteRule ^/reports/rwservlet/(.*) http://hostname:8890/reports/rwservlet/$1 [P]
  RewriteRule ^/(.*) http://hostname:8888/$1 [P]Any guidance is appreciated.

  In case anyone finds this, this is how I got it all working:
  In httpd.conf for the Apache reverse proxy:
  ProxyPreserveHost On
  RewriteEngine On
  RewriteRule ^/reports/(.*) http://hostname:8890/reports/$1 [P]
  ProxyPassReverse /reports http://hostname:8890/reports
  RewriteRule ^/(.*) http://hostname:8888/$1 [P]
  ProxyPassReverse / http://hostname:8888/In the Portal OHS's httpd.conf:
  NameVirtualHost *:7777
  <VirtualHost *:7777>
       ServerName https://hostname
       RewriteEngine On
       RewriteOptions inherit
       UseCanonicalName On
       OssoConfigFile E:/ora11/product/portal_instance/config/OHS/ohs1/osso/osso_ssl.conf
       OssoIpCheck off
       OssoSecureCookies off
       OssoIdleTimeout off
  </VirtualHost>In the reports server's httpd.conf:
  NameVirtualHost *:8890
  <VirtualHost *:8890>
       ServerName https://hostname
       RewriteEngine On
       RewriteOptions inherit
       UseCanonicalName On
       OssoConfigFile E:/ora11/product/reports_instance/config/OHS/ohs1/osso.conf
       OssoIpCheck off
       OssoSecureCookies off
       OssoIdleTimeout off
  </VirtualHost>You can use the same osso.conf for both reports and portal. Make sure to register with SSO specifying https://hostname as the registered URL.

• Apache Reverse Proxy: Domain problem

  Hi,
  I have a problem with Apache Reverse Proxy (Apache 2.2) and SAP Enterprise Portal 6.0.
  I configured Apache as a Reverse Proxy Server (with SSL)so that the portal is accessible through the internet. Everything is working fine but the OWA integration doesn't work over the Reverse Proxy.
  If I log on to <u>http://portalsrv.mydomain.xx:12345/irj</u> the OWA integration works fine with SSO and there is no problem with session management.
  If I log on to <u>https://revproxy.mydomain.zz:1234/irj</u> and want to open Outlook I get the message that Session management doesn't work. However the other components like ESS work fine. Deactivating the DSM Logger is not a solution to this problem.
  The Log tells me:
  1.
  Application domain 'mydomain.xx' differs from Portal domain 'mydomain.zz'.
  Session Management will not work for Application 'abc.mydomain.xx'
  2.
  Application schema 'http' differs from Portal schema 'https'.
  Session Management will not work for Application 'abc.mydomain.xx'
  Is there a possibility to write a Rewrite-Rule in the Apache-Conf?
  For instance:
  https://abc.mydomain.xx --> http://abc.mydomain.zz
  Does anybody made such a rule?
  I hope anybody can help me with the problem.
  Thank you

  Hi Daniel,
  ok I`ll try to find a solution in parallel and keep you up to date.
  In the following my settings in case I missed something:
  <VirtualHost test.firma.de:443>
  SSLEngine on
  SSLProxyEngine on
  SSLCertificateFile /apache/keys/pac_ssl_qep_dmz_server.crt
  SSLCertificateKeyFile /apache/keys/pac_ssl_qep_dmz_server.key
  ServerName test.firma.de:443
  ServerAdmin [email protected]
  LogLevel debug
  ErrorLog logs/ssl_443_error
  CustomLog logs/ssl_443_access_log common
  ProxyVia Off
  ProxyPreserveHost On
  ReWriteEngine on
  ReWriteLogLevel 0
  ReWriteLog logs//ssl_443_rewrite_http.log
  ProxyPass / https://backend.firma.de:50001/
  ProxyPassReverse / https://backend.firma.de:50001/
  </VirtualHost>
  Regards, Jens

• Help with Apache Reverse Proxy configuration with SAP Portal and SAP Webgui

  Dear Experts,
  I have an issue configuring Apache to work with SAP Portal and ERP webgui. Accessing Portal through Reverse Proxy is working fine. But the problem arises when we try to open an iView ERP webgui transaction page from Portal with the Reverse Proxy. Have anyone implemented similar requirements and could advice on the configuration required on the Apache side? Thank you

  hi,
  pls check the below links for reference:
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/24396589-0a01-0010-3c8c-ab2e3acf6fe2
  searchsap.techtarget.com/searchSAP/downloads/chapter-december.pdf
  1)Learn to implement the reverse proxy filter and portal gateway in SAP Enterprise Portal 6.0 on Web Application Server 6.40.
  https:/.../irj/sdn/nw-portalandcollaboration?rid=/webcontent/uuid/006efe7b-1b73-2910-c4ae-f45aa408da5b
  .2 )Configuring the Portal for Your Reverse Proxy Filter Solution . ... This document describes the reverse proxy filter mechanism in SAP Enterprise ...
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/32ad9b90-0201-0010-3c8a-c900cd685f8f
  3)have full reverse proxy functionality. Possibly. filter. requests. Internet ... Reverse proxy (optionally with authentication etc.) ...
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/c066c390-0201-0010-3cba-cd42dfbcc8be
  Note:please reward points if solution found helpfull
  Regards
  Chandrakanth.k

• Reverse Proxy Redirection Problem

  Hi all
  recently I installed sun one app server 8.1 sp2 as back end server and sun one web server 6.1 sp5 as the front end.
  I also installed the reverse proxy plugin (provided by sun) correctly. the infrastructure is something like this:
  web = http://aaa.com/mypath
  app = http://bbb.com/mypath
  client => web => app server
  so when client type http://aaa.com/mypath, it will eventually executed http://bbb.com/mypath, but in the client browser still maintain http://aaa.com/mypath
  so far so good.
  but when the client executed http://aaa.com/mypath/myredirect.html (where myredirect.html is javascript redirection to certain html in my app server), the web server will execute http://bbb.com/mypath/myredirect.html, which eventually the html will be redirected to http://bbb.com/mypath/myfinalresult.html.
  the problem is now on the client browser the url becomes http://bbb.com/mypath/myfinalresult.html. all i want is the url to be pointing to web server, that is http://aaa.com/mypath/myfinalresult.html
  how to solve this problem? is it possible to do reverse mapping with passthrough library? any help is greatly appreciated! Thx !!
  Cheers,
  kami

  Hi All,
  Good Morning. Please calrify the below issue about reverse proxy. ( The redirection is not happening from WebServer to AppServer)
  - I have installed the one WebServer with below configuration.
  - Installed Sun ONE Web Server 6.1SP6 with Sun ONE Web Server 6.1SP3 Reverse Proxy Plugin.
  - This is my obj.conf file:
  NameTrans fn="assign-name" from="/wps" name="passthrough1"
  <Object name="passthrough1">
  Service type="magnus-internal/passthrough"
  fn="service-passthrough"
  servers="http://<AppServer>:9081/wps/"
  </Object>
  - This is magnus.conf file:
  Init fn=flex-init access="$accesslog" format.access="%Ses->client.ip% - %Req->vars.auth-user% [%SYSDATE%] \"%Req->reqpb.clf-request%\" %Req->srvhdrs.clf-status% %Req->srvhdrs.content-length%"
  Init fn="load-modules" shlib="/opt/SUNWwbsvr/bin/https/lib/libj2eeplugin.so" shlib_flags="(global|now)"
  Init fn="load-modules" shlib="/opt/SUNWwbsvr/plugins/passthrough/libpassthrough.so"
  When I am trying to access the WebServer URL http://<WebServer>:<port>/wps/ is not redirting to AppServer URL i.e (http://<AppServer>:9081/wps/).
  - Please find the log file as below :-
  [26/Nov/2006:10:52:11] warning ( 5727): for host 172.16.5.63 trying to GET /wps/, send-file reports: HTTP4142: can't find /opt/SUNWwbsvr/docs/wps/ (File not found)
  - I am confusing it searching the "wps" directory under the doc root directory.
  Kindly help to suggest me to resolve the issue.
  Thanks a lot in advance.
  Best Regards
  Elayaraja.K

• Reverse Proxy Configuration - (HPVM Guest) - 11iV3

  Hello Unix Champs,
  On 11iV3 - Vm Guest -  we want to configure this server as reverse proxy
  Please share step by step procedure/documents to do same.
  Thanks in advance
  Regards,
  Prashant Behal

  Hi,
  In addition to Luca's comment in order to determine if the farm is actually working correctly in the first instance, did you disable or remove the old server farm?
  Can you also confirm that there are no static routes in place on the IIS ARR box?
  Kind regards
  Ben
  Note: If you find a post informative, please mark it so using the arrow to the left. If it answers a question you've asked, please mark the thread as answered to aid others when they're looking for solutions to similar problems or queries.

• Printing Issue from ITS with a Reverse Proxy Configured

  Hi experts,
  We have an enterprise portal landscape which  can be accessed from the internet. The URLs are mapped using apache server as a reverse proxy. Also, we have configured the reverse proxy settings for accessing R/3 systems.
  When the users try to take the print out from the ITS Web GUI accessed through the enterprise portal, the page redirects itself to an only internally resolvable host name of the R/3 ITS.
  Due to this issue, users are not able to take prints from internet.
  I would like to know if there is any way by which i can change this to my externally resolvable reverse proxy host address, which in turn can be mapped internally to the original host name at the reverse proxy level.
  Can any one help me out in this?
  Thanks a lot
  Shobin

  Hi Shobin,
  SAP note 1145306 might provide some help about directives to be used.
  Regards,
  Dieter

• Reverse proxy setup problems

  I am trying to setup a reverse proxy using iPlanet Web Proxy Server 3.6. I have followed the instructions in the manual which seems pretty straight forward but nothing is happening. I am getting no traffic at all between any of the boxes involved. I have been using apache before without any problems but wanted to move to something more scaleable as I would like to have multiple reverse proxys. Can anyone give any suggestions as to what might be wrong. Thanks.

  Have you tried thius technote ===>
  http://knowledgebase.iplanet.com/ikb/kb/articles/1173.html
  The reverse proxy setup requires regular mappings and reverse mappings. Regular mappings re-map the requested URL to the actual origin
  server. The reverse mappings re-map Location: headers coming back in 3xx redirections.
  In some cases, customers have sent technical support obj.conf files with the mapping entries in the wrong order. All of the
  "reverse-map" functions should be placed before the "map" functions.
  There maybe two causes:
  1.Hand editing of the obj.conf files
  Use the admin interface to create reverse proxy map entires.
  2.Old versions of Admin Server
  There may have been problems with creating reverse proxy maps in Proxy 2.x, which used Admin Server 2.x. This problem doee not
  occur with Admin 3.5.
  Example:
  NameTrans fn="reverse-map" from="http://www.news.com"
  to="http://kwikimart.mcom.com:8080/news"
  NameTrans fn="map" from="http://kwikimart.mcom.com:8080/news"
  to="http://www.news.com"
  NameTrans fn="map" from="/news" to="http://www.news.com"
  Note the "reverse-map" function appears before the "map" functions.

• Reverse Proxy configuration

  Hi ,
  Shall I know to configure the reverse proxy server in DMZ along with HTTPS to HTTP redirection.
  Regards,
  Satyanarayana

  Please check, this is specific to Oracle EBS, but good doc to understand on Reverse Proxy
  Case History: Implementing a Reverse Proxy Alone in a DMZ Configuration - R12 (Doc ID 726953.1)

• CSS Reverse Proxy Rule problem if caches suspended breaks web site

  Hi
  Another perplexing problem we've had tonight:
  2 x CSS11000 with 2 x CE560's providing Reverse Proxy Cache to a front end web server. During testing we had both CE services "suspended" but not the RCP content rule. So in my theory this rule couldn't work because it's services were not available. However, the CSS continued to hit this content rule and hence broke the web side. We then suspended the RPC rule, all traffic was forced to use the directtoserver rule and things worked again.
  The question this poses, and we will be testing this on Monday is....if the caches are "down" rather than "suspended" does the same thing happen....and is this a bug (because I cant help thinking thats not what ithe CSS should be doing) or something else.
  Anyone come across this ?
  Thanks
  Simon

  Simon,
  I think the answer to your question comes down to whether the content rule is considered "down" or not. When the caches are down, what does a "show rule" show as a status of the content rule. If the rule is down, the CSS should not even respond to the clients request via the vip unless there is another content rule containing the same vip (L3, L4 etc..)
  Maybe the keepalive types need to be changed. For example, using icmp for a keepalive type and shutting down port 80 on a webserver will NOT signify to the CSS that the services is down.
  If the rule is down and still increasing hit counts, then this would be some type of bug.
  Regards
  Pete Knoops
  Cisco Systems

• SAPUI5 app and Reverse proxy configuration

  Hi
  Im trying to configure proxyserver for Cross origin resource sharing issue.
  The below steps i have configured in my machine.
  1. I have developed an application which consumes data through odata.
  2. Download and configured Apache server and enabled proxy module as per this url
  http://scn.sap.com/community/developer-center/front-end/blog/2013/06/29/solving-same-origin-policy-issue-in-different-ways
  3. In httpd.config file added the below reverse proxy setup
  ProxyPass /poodata http://HOSTNAME:8000/sap/opu/odata/sap/Z_PORDER_SRV/
  ProxyPassReverse /poodata http://HOSTNAME:8000/sap/opu/odata/sap/Z_PORDER_SRV/
  4. Changed my service url as
  var serviceUrl = "proxy/http/localhost/poodata";
  5. Also i have added java-property-utils-1.9.jar and cors-filter-1.8.jar then
  in web.xml i have added Eventhough its seems not neccessary.
    <filter>
    <display-name>CacheControlFilter</display-name>
    <filter-name>CacheControlFilter</filter-name>
    <filter-class>com.sap.ui5.resource.CacheControlFilter</filter-class>
    </filter>
    <filter>
    <filter-name>CORS</filter-name>
    <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
    </filter>
  6. Finally when i am executing the application throgh http://localhost:9080/SamplePO/ Its working. But Instead of localhost when im using IP address it shows NO DATA and throws the "500 internal server error - only allowed for local testing"
  also the application is trying to fetch data from 'http://10.130.41.158:9080/SamplePO/proxy/http/localhost/poodata/$metadata' where the location should be 'http/localhost/poodata/$metadata'.
  I want to access this application in my iPAD through WIFI by passing IP address followed by application name (http://10.130.41.158:9080/SamplePO).
  Please help me to fix this issue.
  Regards
  Yokesvaran Kumarasamy

  Hi Michael Herzog /  DJ Adams / Frank Welz,
  It seems you have v.good knowledge on this, can you please help with this issue.
  Thanks in Advance
  Regards
  Yokesvaran Kumarasamy

• Reverse Proxy Configuration - HPVM (Guest)

  Hello Unix Champs,
  On 11iV3 - Vm Guest -  we want to configure this server as reverse proxy
  Please share step by step procedure/documents to do same.
  Thanks in advance
  Regards,
  Prashant Behal

  Assuming your webserver is apache, you have to make the apache proxy-aware. This can be done statically (while building apache from source with --with-proxy option) or dynamically with a LoadModule directive.
  Once the above is done, you will need to write these directives in the apache httpd.conf:
  ProxyEnable Off
  ProxyPass /localurl remote-url
  ProxyPassReverse....
  In the OAM config, protect /localurl.
  For other webservers, read the documentation of that webserver.
  Hope this helps.