Problem using Reverse Proxy Filter

Similar Messages

• Reverse Proxy Filter for EP7?

  Hi! on
  https://websmp208.sap-ag.de/nw-ep-how-to,
  we notice an article called:
  "How to… Configure the Reverse Proxy Filter for SAP Enterprise Portal 6.0 SP2"
  Did anyone use the method there to resolve their problems?
  If so, would you please share your experience?
  We have a question about what code should be put in the web.xml.
  Points guaranteed. Thanks!

  It appears that the Light Portal Framework in EP 7.0 uses FQDN in the anchors (<A>) on the pages it sends back to the Client Browser (not relative URI's).
  This could be a configuration setting somewhere that I missed, however, I would expect the Light Framework to be the best at making sure links are relative.
  I would like to explore all options, from making our Reverse Proxy Server handle the filtering to making sure Portal sends back a valid link.
  If the Reverse Proxy Filter is not available in EP 7.0, what can I do to replace it's functionality?
  Mike

• Why do we use reverse proxy for Oracle RAC Cluster setup

  Hello All,
               I got this question lately.. "why do we use reverse proxy for Oracle RAC Cluster setup". I know we use the reverse proxy at Middleware level for multiple security reasons.
  Thanks..

  "why do we use reverse proxy for Oracle RAC Cluster setup".
  I wouldn't. I wouldn't use a proxy of any sort for the Cluster Interconnect for sure.
  Cheers,
  Brian

• Problems with apex and anychart (using reverse proxy)

  Hi,
  Im using 2 Servers. The first with Apache2 and the /i/ directory and the second with a Oracle XE Database.
  The imagedirectory is at the first server.
  Heres my Apache Setup:
  <Location /apex>
  Options None
  Order allow,deny
  allow from all
  ProxyPass http://..(remote_ip)..:8080/apex
  ProxyPassReverse http://..(remote_ip)..:8080/apex
  </Location>
  Alias /i/ /var/i/
  <Directory "/var/i/">
  Options None
  AllowOverride None
  Order allow,deny
  Allow from all
  </Directory>
  if I open a page with a anychart chart I get this error:
  "Flash Security Error
  Anychart can not be launched due to Flash Security Settings violation.
  Please refer to Security error Article in Anychart Documentation..."
  http://www.anychart.com/products/anychart/docs/users-guide/index.html?security-error.html
  I think I have to place a crossdomain.xml
  Placing the crossdomain.xml in example.com/ root-directory doesn't work?
  thanks for any help

  Hi Christoph,
  Yes, the APEX Listener works with Oracle XE. The APEX Listener is currently an Early Adopters release, and is available for download from here: http://www.oracle.com/technology/products/database/application_express/html/apex_listener_download.html. I would recommend reviewing the accompanying Installation Guide before proceeding. There's an 'APEX Listener Feedback' thread - APEX Listener Feedback - which may also proof useful to you. There's also another related thread on this topic: Re: #HOST# Substituin incorrect for charts via Reverse Proxy which discusses the replacement of the #HOST# substitution string.
  Regards,
  Hilary

• Issues in ssl configuration with apache server (using reverse proxy)

  Hi,
  I am able to use apache server as a reverse proxy to connect to Portal. When I enter the web server url as https://mywebserver.com, I am able to connect to the http url of the Portal. But the moment I try to connect to the https url of Portal with this https url, I am not able to connect to the Portal. Thus I am not able to use apache as a proxy server for https connections it makes. What must I do. I read that mod_proxy_connect needs to be used, but how do I use this?
  The second problem is that I need to use more than one kind of mapping.
  For example I must be redirected to the Portal even if I use http://webserver.com , or even if I use https://webserver.com or even if I use http://webserver.com/irj or https://webserver.com/irj or http://ipaddress-websserver/irj etc

  I have SSLCertificateFile and
  and SSLCertificateKeyFile .
  My problem is with regard to ssl/CertificateChainFile?
  what is this? Also how do I upload my J2EE Certificate into apache.
  The problem is with Apache handshake is not happening.
  I am forwarding the entire log during . I have put what I consider important in bold.Please have a look.
  <b>----
  </b>
  Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1769): OpenSSL: Handshake: start
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: before/connect initialization
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv2/v3 write client hello A
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1512): OpenSSL: read 7/7 bytes from BIO#629160 [mem: 47855a8] (BIO dump follows)
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1459): ----
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0000: 16 03 01 04 1a 02                                ......           |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1488): | 0007 - <SPACES/NULS>
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1490): ----
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1512): OpenSSL: read 1048/1048 bytes from BIO#629160 [mem: 47855af] (BIO dump follows)
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1459): ----
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0000: 00 36 03 01 44 74 67 cb-38 b5 8e 42 3b 59 c3 6c  .6..Dtg.8..B;Y.l |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0010: 23 5c 07 d0 8b 24 89 89-11 2e 0d 80 ed 1a 06 ea  #
  ...$.......... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0020: 1d 10 b0 59 10 28 7c b4-02 cb d6 08 a8 e4 ea 5a  ...Y.(|........Z |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0030: e5 88 5c 5d 90 00 39 00-0b 00 01 cc 00 01 c9 00  ..
  ]..9......... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0040: 01 c6 30 82 01 c2 30 82-01 2b a0 03 02 01 02 02  ..0...0..+...... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0050: 04 36 0b 23 72 30 0d 06-09 2a 86 48 86 f7 0d 01  .6.#r0...*.H.... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0060: 01 04 05 00 30 14 31 12-30 10 06 03 55 04 03 13  ....0.1.0...U... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0070: 09 6c 6f 63 61 6c 68 6f-73 74 30 1e 17 0d 30 33  .localhost0...03 |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0080: 31 30 30 32 30 37 32 35-30 30 5a 17 0d 30 35 31  1002072500Z..051 |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0090: 30 30 32 30 37 32 35 30-30 5a 30 14 31 12 30 10  002072500Z0.1.0. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00a0: 06 03 55 04 03 13 09 6c-6f 63 61 6c 68 6f 73 74  ..U....localhost |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00b0: 30 81 9f 30 0d 06 09 2a-86 48 86 f7 0d 01 01 01  0..0...*.H...... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00c0: 05 00 03 81 8d 00 30 81-89 02 81 81 00 ef d6 ff  ......0......... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00d0: a6 39 e1 64 a5 d3 fb 16-de 4e ee 1d 81 84 31 bc  .9.d.....N....1. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00e0: e6 b7 96 07 3e 81 b9 94-d1 c1 e0 f9 00 3a 84 e8  ....>........:.. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 00f0: 7a 30 11 cd 41 26 d6 6c-95 90 93 95 17 e0 1a b7  z0..A&.l........ |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0100: 00 0f 59 33 7d 1d f3 a0-83 17 c5 f3 7e b3 ad ed  ..Y3}.......~... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0110: c9 60 ac af 9e 31 d2 ec-42 71 f9 c3 98 2e 93 f9  .`...1..Bq...... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0120: 9d c3 c4 3d b3 7d 9b 97-83 1c 6b bd c0 75 cc 96  ...=.}....k..u.. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0130: dc b9 a0 1b 00 79 85 e4-19 1f 61 42 54 db 91 94  .....y....aBT... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0140: d8 1d 72 13 08 36 22 49-3b fb 05 dc 33 02 03 01  ..r..6"I;...3... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0150: 00 01 a3 21 30 1f 30 1d-06 03 55 1d 0e 04 16 04  ...!0.0...U..... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0160: 14 ed ed 02 af 94 13 59-1c 42 e6 69 40 e5 80 dd  .......Y.B.i@... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0170: a4 e9 33 91 02 30 0d 06-09 2a 86 48 86 f7 0d 01  ..3..0...*.H.... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0180: 01 04 05 00 03 81 81 00-2c 22 08 bd 71 b6 80 43  ........,"..q..C |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0190: 5a 2a 8b e8 62 34 b4 b4-84 8a 47 4b 97 5e bf dd  Z*..b4....GK.^.. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01a0: 17 4c 0a 1c b7 0e cd c5-d1 cc d8 77 cd 38 10 ef  .L.........w.8.. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01b0: 22 02 f0 02 7f a2 39 2b-53 eb 31 b6 18 49 37 a0  ".....9+S.1..I7. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01c0: 50 47 f2 34 ab 33 eb 5f-ec 5a f9 f7 53 5f 27 eb  PG.4.3._.Z..S_'. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01d0: 02 7f b4 28 3e e8 b1 c7-59 df 2c 93 25 c5 34 14  ...(>...Y.,.%.4. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01e0: 7a 34 7c 45 b4 eb 6b 34-93 26 98 51 37 d3 e6 b0  z4|E..k4.&.Q7... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 01f0: 7f 83 e3 a9 04 d3 47 b3-3d de 43 57 27 45 82 c0  ......G.=.CW'E.. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0200: 4d 48 bf c0 a7 2f 66 0c-0c 00 02 08 00 80 af 76  MH.../f........v |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0210: 1f f5 f6 48 a0 01 0f ed-55 4c 53 9a 7c 07 7a ba  ...H....ULS.|.z. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0220: c7 9d 77 e8 8b c7 66 8f-80 03 18 c5 1f 4f 2a a0  ..w...f......O*. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0230: 08 6f 9f e3 13 94 30 56-e7 2f 96 7c 26 97 ba 12  .o....0V./.|&... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0240: aa fd 3e 43 e1 46 c2 d1-32 94 56 45 52 c0 24 6f  ..>C.F..2.VER.$o |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0250: 38 e0 93 0f 3a f8 0a 7c-41 0e 4c 54 4f 5a 7e d4  8...:..|A.LTOZ~. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0260: 62 e6 71 cd a0 dc 1e 9b-17 e5 10 71 3c 9d c6 39  b.q........q<..9 |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0270: 05 50 b6 15 37 0b 68 4f-24 50 74 47 13 1c 74 d8  .P..7.hO$PtG..t. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0280: 81 27 81 71 3a 4a c5 26-7d b8 e6 21 b3 d9 00 80  .'.q:J.&}..!.... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0290: 4f 6f 5d e6 2d dc 77 46-e6 77 b1 94 3d 65 5b b0  Oo].-.wF.w..=e[. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02a0: 3d 39 7a 6c a2 c7 0b e3-27 08 fa 48 8d 75 1a fe  =9zl....'..H.u.. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02b0: 32 e6 13 d1 31 65 7d d5-11 34 21 78 38 d1 11 fb  2...1e}..4!x8... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02c0: ea 59 8e 24 79 5a 4b c2-f7 98 22 51 9f a7 4d 2b  .Y.$yZK..."Q..M+ |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02d0: 15 98 fe d4 43 4b 34 25-b3 9b b3 ae 57 d1 ea 69  ....CK4%....W..i |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02e0: 6e 02 7e 61 d7 80 b6 73-6a 3e ac eb 69 38 67 8f  n.~a...sj>..i8g. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 02f0: a9 2a dc 93 3d 22 f3 6e-6a 5d 51 1f b1 b1 10 5e  .*..=".nj]Q....^ |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0300: 82 28 48 0d 5a 78 f8 17-61 e0 c5 43 61 7a 42 6a  .(H.Zx..a..CazBj |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0310: 00 80 42 fa 7e 11 b2 77-3a 8c de f1 52 5a e1 18  ..B.~..w:...RZ.. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0320: d4 e7 8f ee 2c e0 06 ef-d5 37 87 62 07 14 d1 5a  ....,....7.b...Z |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0330: ca 30 be fd dd 76 47 8f-ed f4 5f f3 64 6c 32 a9  .0...vG..._.dl2. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0340: d5 07 e2 9b f1 29 a3 bf-33 4a ed 72 6b 2e c3 0f  .....)..3J.rk... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0350: 30 bd 13 a1 42 d8 f7 1d-58 8a 1c 53 d6 c3 c8 6e  0...B...X..S...n |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0360: 0e 51 e3 f5 a0 37 68 0d-04 c6 0e c4 4d cc ed 7c  .Q...7h.....M..| |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0370: ef 8f 81 b3 52 34 0c 60-eb f8 01 19 cc 95 31 55  ....R4.`......1U |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0380: 7d 16 bf 0c df b8 e0 3d-8f 7c 7a 4a 64 98 93 59  }......=.|zJd..Y |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0390: eb ae 00 80 ef cb bc 38-ab 16 0e a2 b2 2d fa 0f  .......8.....-.. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03a0: da 55 2d 67 a8 b8 34 1b-bf 39 d9 d6 da 65 f2 8f  .U-g..4..9...e.. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03b0: 6f a2 b1 1d db bb d5 dd-ab cf 9e 63 00 e4 57 a5  o..........c..W. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03c0: 18 4a dc 60 b0 97 5d 67-34 96 bf a2 43 2b 7d 70  .J.`..]g4...C+}p |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03d0: d6 99 d2 31 d2 11 f4 f2-19 b8 0c 41 7d bf b1 7c  ...1.......A}..| |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03e0: fb 31 cb 3e c2 0a e2 26-1a 7e 63 50 9b 62 c3 82  .1.>...&.~cP.b.. |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 03f0: ca cd 36 82 0c 56 5f 26-f6 cc c6 6f 03 92 cc f5  ..6..V_&...o.... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0400: 6b 55 1a d6 92 f9 5b 59-18 c2 62 21 eb d8 a4 ea  kU....[Y..b!.... |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0410: fd b6 3e f7 0e                                   ..>..            |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1488): | 1048 - <SPACES/NULS>
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1490): ----
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 read server hello A
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1207): Certificate Verification: depth: 0, subject: /CN=localhost, issuer: /CN=localhost
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1207): Certificate Verification: depth: 0, subject: /CN=localhost, issuer: /CN=localhost
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1207): Certificate Verification: depth: 0, subject: /CN=localhost, issuer: /CN=localhost
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 read server certificate A
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 read server key exchange A
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 read server done A
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 write client key exchange A
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 write change cipher spec A
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 write finished A
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1777): OpenSSL: Loop: SSLv3 flush data
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1512): OpenSSL: read 5/5 bytes from BIO#629160 [mem: 47855a8] (BIO dump follows)
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1459): ----
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0000: 15 03 01 00 02                                   .....            |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1490): ----
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1512): OpenSSL: read 2/2 bytes from BIO#629160 [mem: 47855ad] (BIO dump follows)
  Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1459): ----
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1484): | 0000: 02 28                                            .(               |
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_io.c(1490): ----
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1782): OpenSSL: Read: SSLv3 read finished A
  [Wed May 24 07:03:54 2006] [debug] ssl_engine_kernel.c(1801): OpenSSL: Exit: failed in SSLv3 read finished A
  [Wed May 24 07:03:54 2006] [info] SSL Proxy connect failed
  [Wed May 24 07:03:54 2006] [info] SSL Library Error: 336151568 error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
  [Wed May 24 07:03:54 2006] [info] Connection to child 249 closed with abortive shutdown(server apacheserver:443, client j2eeserver)
  [Wed May 24 07:03:54 2006] [error] (20014)Error string not specified yet: proxy: pass request body failed to j2eeserver:50001 (j2eeserver)
  [<b>Wed May 24 07:03:54 2006] [error] (20014)Error string not specified yet: proxy: pass request body failed to j2eeserver:50001 (j2eeserve) from apacheserver ()
  [Wed May 24 07:04:10 2006] [debug] ssl_engine_io.c(1523): OpenSSL: I/O error, 5 bytes expected to read on BIO#612610 [mem: 62ac80]
  [Wed May 24 07:04:10 2006] [info] (OS 10060)A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.  : SSL input filter read failed.
  [Wed May 24 07:04:10 2006] [debug] ssl_engine_kernel.c(1787): OpenSSL: Write: SSL negotiation finished successfully
  [Wed May 24 07:04:10 2006] [info] Connection to child 249 closed with standard shutdown(server apacheserver:443, client apacheserver)
  </b>

• Unable to set session in Oracle Portal useing reverse proxy

  I have deployed a reverse proxy (using Oracle HTTP Server) in front of a Oracle Portal Install (version 10.1.2.0.2). The steps followed to set this up came from the following documents:
  Steps mentioned in Section 9.2 Configuring a Reverse Proxy for OracleAS Portal and OracleAS Single Sign-On for a reverse proxy on a Oracle HTTP Server.
  http://download-west.oracle.com/docs/cd/B14099_15/core.1012/b13998/variants.htm#ASTED005
  Also performed steps mentioned in -> Section 5.3.7 - Step 7: Enable Session Binding on OracleAS Web Cache of the Oracle® Application Server Portal Configuration Guide 10g Release 2 (10.1.2) -- B14037-03.
  My current (example names shown only)setup details are as follows:
  Reverse Proxy for SSO server (running on internal.oracle.com:7777): proxy.oracle.com:7777
  Reverse Proxy for Portal server (running on internal.oracle.com:7778): proxy.oracle.com:7778
  With the above steps completed, I can successfully use the http://proxy.oracle.com:7777/pls/orasso for login into SSO without any issues.
  Users get authenticated successfully.
  I can also use http://proxy.oracle.com:7778/pls/portal for viewing pages on the portal fine . All self referencing links have also been successfully modified to point to proxy.oracle.com:7778.
  However, an attempt to login in the portal is not successful. Clicking on the 'Login' link successfully redirects to the SSO login page (http://proxy.oracle.com:7777/<login-page>). However, after successful authentication, the success page fails to show up and the user gets shown the initial login portal home page again.
  There are no error messages shown on the screen.But it seems that user session is failing to be initiated/set correctly, as shown by the log file (in $PORTAL_ORACLE_HOME/j2ee/OC4J_Portal/application-deployments/portal/OC4J_Portal_default_island_1/application.log ):
  06/11/21 16:49:31 portal: [module=RepositoryServlet, ecid=83928411196,1] Repository Gateway: LWUser: PUBLIC, Cookie: oracle.uix=0^^GMT+10:00;
  portal=9.0.3+en-au+us+AUSTRALIA+22BC75924EEAD8A2E040007F010019F7+8DAC5E3559C95F5E0090A6F56FFA58192CB0F437CA57A9102A6394F1EB7FAB5DEE3BFA12C65
  91C0C009B6......
  06/11/21 16:49:31 portal: [module=RepositoryServlet, ecid=83928411196,1] ERROR: Repository Gateway error: Database Error: ORA=20001 ORA-20001:
  Unable to obtain session information from the cookie. Please close your browser and reconnect.
  ORA-06512: at "PORTAL.WPG_SESSION", line 149
  ORA-06512: at line 22
  Any help with this will be appreciated.
  Thanks.

  Hi Chris,
  The begin of the expection stack gives you the reason:
  06/11/03 09:13:59 java.sql.SQLException: The method 'setSavepoint' cant be called when a global transaction is active
  The reason is, that either the whole global transaction must be commited or rollbacked.
  I don't know your actual configuration, but between the methods begin() and commit()/rollback() of the UserTransaction instance, OC4J/OracleAS uses a global transaction (= XA transaction) in your configuration. The state of a global transactions is completely under the control of the application server and several restrictions must be considered. One of them is, that you can't use the method setSavePoint/. E.g. you can't also call the method setAutoCommit(true) in this state, or change the transaction isolation level via setTransactionIsolation(newLevel).
  This is NOT a limitation of the OC4J/OracleAS but is true for ALL application servers.
  P.S. I can successfully set savepoints and rollback to savepoints in weblogic 9.0This means, that WebLogic 9.0 doesn't use a global transaction in this case.
  Because I don't know your configurations (Oracle and WebLogic) I can't say, why the behave different in this situation.
  Best,
  Manfred

• Enterprise portal access using reverse proxy using Apache and webdispatcher

  Hi Guys,
  As requirement, we need to give solution to customer about Reverse proxy scenario. I am new to this part.
  What we have think of to use Apache and Web dispatcher.
  I tried to search documents and found some sdn links also but still i am not comfortable to go about.
  Need suggestion and document if anyone has used so far.reverse proxy.
  As basis person, we need to do all ( Apache installation, Apache configuration, Web dispatcher installation and configuration, integration with EP.)
  It will helpful to me if i can get Apache installation, Apache configuration part and integration with EP, or web dispatcher, configuration etc.
  Thanks,
  Deepak

  We used Netscaler for Reverse Proxy implementation and can assure you that network team performed most of the set ups. This was on EP 7.01.
  From BASIS stand point it would be primarily Web Dispatcher Configuration.
  Also refer the links I specified in another thread. There are several scenarios discussed there -
  Re: Post values for userid and passowrd fields in logon page
  http://wiki.sdn.sap.com/wiki/display/BSP/Using+Proxies
  ~ Dhanz

• BI FPN using Reverse proxy

  Hi,
  We are integrating BI reports using FPN to main portal that is accesed using WebSeal. We have BI, Portal running on same box. There is a junction " /irj " defined in webseal for portal and another junction "/sapbi"for BI system. when we access the reports directly using portal url, we are able to see report and it works fine. When we access portal through webseal url then we are able to see the report but when we click on any button it comes up with exception.
  does anybody got any idea, why we are facing this issue with reverse proxy access.
  we are on BI7 and EP7.
  Regards
  Ravindra

  Hi,
  Which SP you are on?
  Consumer and producer portals must reside in the same domain.
  FIXED with SAP NetWeaver 7.0 SPS 09: This can be achieved using reverse proxies that support portals in multiple domains. A detailed document that describes how to implement a federated portal network whereby the producer and the consumer are not in the same domain, is available at https://www.sdn.sap.com/irj/sdn/howtoguides SAP NetWeaver 2004s, User Productivity Enablement, Running an Enterprise Portal.
  Reverse proxy is not supported: Despite being documented in the release notes as supported, usage of a reverse proxy in FPN scenario has not been validated. Reverse proxy as part of the FPN environment is not supported when using remote role assignment.
  FIXED with SAP NetWeaver 7.0 SPS 09: A configuration guide provides instructions on how to implement a federated portal network with reverse proxy as part of the environment (can be found at: https://www.sdn.sap.com/irj/sdn/howtoguides SAP NetWeaver 2004s, User Productivity Enablement, Running an Enterprise Portal, "How to Set up Federated Portal Network Scenarios with Reverse Proxies").
  Refer SAP Note: 880482 - Central Note: Federated Portal Network (SAP NetWeaver 7.0)
  Regards,
  Anagha

• Using reverse proxy for load balancing

  Hello,
  i have succesfully configured a reverse proxy ( Sun Web Server 7 ) to balance load between two application servers ( Sun Application Server 9.1), however i do not want randon assignment of requests using a round robin algorithm ( default option in Sun Web Server 7) but rather i want to apply a 80/20 rule so that one application server will receive 80% of the requests and the other will receive 20%.
  Is there a way of performarming such a task.
  your help is really appreciated.
  thank you

  thank you for the reply,
  actually i tried it yesterday and it seems to work.
  in my reverse proxy settings i added one server two times and the other once and 66% of the requests were forwarded to the first server.
  now i have enabled the scenario that you are mentioning above and i so far requests seem to be proceced using the 80% 20% scenario.

• Using reverse proxy and terminating ssl on them

  Hello
  I am trying to set up IAS 9.03 on 2 machines one holding the infrastructure and one holding the midtier.
  We want to terminate the ssl traffic on reverse proxys on apache. I am not very good at this so i am looking for a solution i read that you can do this in the whitepapers on the subject IAS.
  Much thanks for any answer.
  Boris

  1) So initially we had the following:
  <Object name="reverse-proxy-/">
  Route fn="set-origin-server" server="http://server-backend"
  </Object>
  ... and when getting a 401 from the back-end server it would seem that entering credentials in the dialog prompt does not work as is OOB; had it worked we would not have attempted anything further and hence this post would not exist... if we directly access the back-end server our credentials work so that is not the issue.
  2) I agree that the "set-basic-auth" directive should be removed - as it is clearly to supply a user id and password - what was provided was a far fetched attempt to get this to work and will clearly remove it as well as the "forward-proxy-agent" and "forward-proxy-auth"
  When you configure Web Server 7.0 as a reverse proxy, basic auth should work out of the box. If it doesn't, I recommend looking at the HTTP messages to figure out what's gone wrong. If you don't know how to do that and you have a support contract, Sun support should be able to help you.That is interesting - is this OOB feature documented anywhere?
  I'll turn up the log level on the RP and see what happens - if I turn it high enough should I be able to see the request headers being forwarded; I'll also try to look at the backend server logs. Is there anything else you suggest - i.e. should be trying to snoop the traffic....

• Problems with ESS when using reverse proxy

  Hello, we are using an F5 Local Traffic Manager to load balance traffic to a SAP ERP portal.  Everything works just fine, until you click on the Employee Self Service tab.  By default, it should just take you into the employee self service page, but instead it give's you another log in page.  If you try and log in, the server will not let you, because it thinks you are already logged in.  I believe this might be a redirect problem on the ESS side, but wanted to get other opinions first, and work form there to a resolution. 
  Thanks,
  -GW

  Hi Timo,
  I'm also facing the exact problem, did you find a fix for this? If yes could you please share that with me.
  Regards
  Vaib

• Problems using the letterbox filter

  Hello,
  I am having a problem compressing from Final Cut via Compressor into an Mpeg-1 file. I shot (and edited) in 16:9 but the Mpeg-1 files turn out squeezed up in 4:3.
  I was advised that the letterbox filter would be a way round it but when I go into the Inspector window and eventually find a way to stop all the settings being greyed out, when I change them and save them, including selecting letterbox filter, then submit the job, nothing is any different. The finished mpeg is still squeezed into 4:3 with no letterbox.
  Any advice that would help me solve this problem? Unfortunately I don’t know Compressor very well (as is probably obvious) and don’t find it at all easy to work out.
  Many thanks in advance,
  Sasha

  If you're looking at a setting in the Inspector, you're looking at one of two things; the original setting from the "Settings" window-- this one is not modifiable-- or the modifiable copy of that setting that you're using on your asset (the video you're compressing, in the batch window). Click on the setting over your video in the batch window to work with the modifiable version.
  A good "basics of Compressor" tutorial might benefit you. Apple has a few on their website.

• Has anyone had problems using the Graduated Filter in Lightroom 4.1?

  I have tried many times to get the graduated filter to work on DNG's and any file extensions
  and I am having trouble with it. Anyone with suggestions? I have looked at tutorials and still to no avail
  Cheers
  From DesignJannette

  Can you explain a little bit more ,eventually show us a screenshot ?
  Did you switch it to OFF ? see:
  Frans

• Access Mac Mini Server (profile management) through reverse proxy

  Hi,
  Newbie in Mac's world and yet trying to make it more complicated as it is.
  As we recently (last month) decided to equip our sales force with iPads, they were configured through Apple Configurator tool running on a dedicated Mac Mini Mountain Lion.
  Now, I'd be keen in moving this configuration to the Profile Manager, part of the OSx Server plugin. So far so good.
  Problem is the following : another web server is already on the LAN using both 80 and 443 ports. So all incoming traffic on those ports was routed to this other server. As Mac Mini Server default http/s ports may not be altered, I installed a reverse proxy server (Oracle VM - Ubuntu 12.04LTS - pound), configured to deal differently traffic on those ports according to the domain name (host) of the web request (header). Each 'local' server has been allocated a domain name. Just to be clear, traffic is now routed by the WAN/LAN router, for those ports, towards the reverse proxy, configured to reroute the traffic to the correct destination.
  So far so good, it works like a charm, except... as soon as we enter https protocol on Mac Mini Server Profile Manager.
  Access from an iDevice to the Mac Mini Server Profile Manager login page is fine, but as soon as password is confirmed, safari is pending and finally a message 'An internal serer error occured. Please try later again' appears.
  Looking to both reverse proxy system log and Mac Mini profilemanager.log files to trace the problem, the following lines are produced at this particular moment :
  reverse proxy system.log
  Jan 15 14:44:03 reverseproxy pound: 91.... GET /devicemanagement/console/apple_theme_v2/en/da56af0a69e733b259dac3991419fa928b4 94a56/resources/images/sprites/me_controls.png HTTP/1.1 - HTTP/1.1 200 OK
  Jan 15 14:44:03 reverseproxy pound: 91.... GET /auth?redirect=http://osxsrv.fiks.net/devicemanagement/api/authentication/callback HTTP/1.1 - HTTP/1.1 302 Moved Temporarily
  Jan 15 14:44:04 reverseproxy pound: 91.... GET /devicemanagement/api/authentication/callback?auth_token=336952DE-BDDE-4390-82F 7-8475B79FB2D3 HTTP/1.1 - HTTP/1.1 302 Moved Temporarily
  Jan 15 14:44:04 reverseproxy pound: (b7680b40) e500 can't read header
  Jan 15 14:44:04 reverseproxy pound: (b7680b40) e500 response error read from 192.168....:443/GET /profilemanager/ HTTP/1.1: Success (0.007 secs)
  Jan 15 14:44:08 reverseproxy pound: 91.... POST /devicemanagement/api/magic/get_updated HTTP/1.1 - HTTP/1.1 200 OK
  OSx Server profilemanager.log
  Jan 15 14:44:05 osxsrv ProfileManager[1748] <Info>: Processing MagicController#do_magic (for 91.... at 2013-01-15 14:44:05) [POST]Jan 15 14:44:05 osxsrv ProfileManager[1749] <Info>: Processing MagicController#do_magic (for 91.... at 2013-01-15 14:44:05) [POST]
  Jan 15 14:44:06 osxsrv ProfileManager[1748] <Info>: Completed in 492ms (View: 0, DB: 6) | 200 OK [http://osxsrv.../magic/do_magic]
  Jan 15 14:44:06 osxsrv ProfileManager[1749] <Info>: Completed in 687ms (View: 0, DB: 5) | 200 OK [http://osxsrv..../magic/do_magic]
  Jan 15 14:44:07 osxsrv ProfileManager[1750] <Info>: auth_token doesn't exist
  Jan 15 14:44:07 osxsrv ProfileManager[1750] <Info>: Filter chain halted as [:verify_auth_token] rendered_or_redirected.
  Jan 15 14:44:07 osxsrv ProfileManager[1751] <Info>: Processing MagicController#do_magic (for 91.... at 2013-01-15 14:44:07) [POST]
  Jan 15 14:44:07 osxsrv ProfileManager[1751] <Info>: auth_token doesn't exist
  Jan 15 14:44:07 osxsrv ProfileManager[1751] <Info>: Filter chain halted as [:verify_auth_token] rendered_or_redirected.
  Jan 15 14:44:07 osxsrv ProfileManager[1751] <Info>: Completed in 4ms (View: 1, DB: 14) | 403 Forbidden [http://osxsrv..../magic/do_magic]
  Jan 15 14:44:07 osxsrv ProfileManager[1748] <Info>: Processing MagicController#do_magic (for 91.... at 2013-01-15 14:44:07) [POST]
  Jan 15 14:44:07 osxsrv ProfileManager[1748] <Info>: auth_token doesn't exist
  Jan 15 14:44:07 osxsrv ProfileManager[1748] <Info>: Filter chain halted as [:verify_auth_token] rendered_or_redirected.
  Jan 15 14:44:07 osxsrv ProfileManager[1748] <Info>: Completed in 45ms (View: 1, DB: 43) | 403 Forbidden [http://osxsrv..../magic/do_magic]
  Jan 15 14:44:07 osxsrv ProfileManager[1750] <Info>: Processing MagicController#do_magic (for 91.... at 2013-01-15 14:44:07) [POST]
  Jan 15 14:44:07 osxsrv ProfileManager[1750] <Info>: auth_token doesn't exist
  Jan 15 14:44:07 osxsrv ProfileManager[1750] <Info>: Filter chain halted as [:verify_auth_token] rendered_or_redirected.
  Jan 15 14:44:07 osxsrv ProfileManager[1750] <Info>: Completed in 55ms (View: 0, DB: 1) | 403 Forbidden [http://osxsrv..../magic/do_magic]
  Jan 15 14:44:08 osxsrv ProfileManager[1749] <Info>: Processing AuthenticationController#callback (for 91.... at 2013-01-15 14:44:08) [GET]
  Jan 15 14:44:08 osxsrv ProfileManager[1749] <Info>: Redirected to https://osxsrv..../profilemanager/
  Jan 15 14:44:08 osxsrv ProfileManager[1749] <Info>: Completed in 149ms (DB: 5) | 302 Found [http://osxsrv..../authentication/callback?auth_token=[FILTERED]]
  I guess the '302 Found' is causing or explaining the problem.
  I agree this might not be a Mac issue, so I still knock your doors hoping some of you could at least give a hint for what to search for !
  If the pound configuration file is of interest, just ask, but this is pretty trivial, saying basically listen these protocols (http/https) on these ports (80/443) and according to Header content (check destination host) and reroute packet to LAN device (with given LAN IP address).
  As the default port(s) of the Mac Mini Web Services may not be altered (so far I know), I guess I am stuck using 80 and 443 anyway.
  Maybe should I invest time in changing my other apache server ports to some more exotic 8080 or 88 or whatever so Mac Mini Server Profile Manager default ports 80 and 443 are maintained and can be easily and directly rerouted to my Mac server without any reverse proxy along the way.
  Thanks in advance for your help
  Alx

  HI All,
  i'm also using reverse proxy technique to publish my server to the internet. The ip is used by twice domains. The problem is by using the profile manager
  after login it redirects the url to the Local Area network addresse instead to the domain.
  How to configure this on OS X Server and the Profile Manager Service?
  Kind Regards
  Oemer

• Controls_ie5.js file not completely downloadable through reverse proxy

  Hi,
  We have EP6.0 SP11 implemented in our production and we have setup Apache as reverse proxy server.
  With RP, url for portal is http://salesportal.company.com/irj
  Internal URL would be http://mirag.company.com:50000/irj
  We have set rewriting rule in Apache and proxy filter in portal web.xml.
  System was working perfectly with SP09 with Reverse Proxy. Last week i upgraded the sytem to SP11 and after that i seem to get lot of error message refering to java script controls_ie5.js.
  Problem is, when I login to portal with RP url it get java script error at lower left cornor of IE. But if I login with internal URL, I do not get any JS error and the server works seamless. We could find out that we are not able to download controls_ie5.js file using RP URL. Only partial file is getting downloaded to IE Temp. Internet Files folder.
  Any help is appreciated. Thanks.
  best regards,
  Vishnu

  Don't use the reverse proxy filter - it is deprecated for NW04 in favor of the http provider service (of the dispatcher) parameter "ProxyMappings". See help.sap.com for more details on ProxyMappings.
  Do an http trace of the request for the .js, also check your compression, keep-alive, and chunking settings in your VisAdmin to see if something got out of whack on the upgrade.
  Nick