Reverse Proxy Configuration - Apache as an SSL reverse-proxy
Hi,
We have EP 6.0 SP 14 installed with SSL configured.
We are in need to open the application to internet.
For the same we have set up a reverse proxy server (Apache as SSL
Reverse Proxy).
Our requirement is to open the application to the internet with
web address https://abc.domain.com.
The issue is we are able to access the application from internet only when
https://abc.domain.com/irj/potal is typed.
(ie.) Mapping is working fine for
https://abc.domain.com/irj/portal to
our EP Portal address https://abc2.domain.com:50001/irj/portal
And not working for mapping https://abc.domain.com to our EP Portal
address https://abc2.domain.com:50001/irj/portal
We have been working on to resolve this issue for days together but have been really unsuccessful
Kindly help us in resolving the same asap.
Note : The references we used are:
1. SAP's document:
"Apache Reverse Proxy Configuration for J2ee 6.20 and 6.40 Web Applications"
2. Weblogs:
The Reverse Proxy Series -- Part 1: Introduction
The Reverse Proxy Series -- Part 3: Apache as a reverse-proxy
The Reverse Proxy Series -- Part 3.1: Apache as an SSL reverse-proxy
Regards,
venkat.
Thanks much for the feedback. We're using the default settings on the HTTP rule we have set up for the portal on the ISA server. We'll be looking into the details of what the default rule settings are, however we did find a note in the Microsoft Knowledge base detailing with the ISA server screening high bits in URL strings for Outlook Web Access (OWA). This generates a similar error message. Here is the link to the detailed note on the Microsoft web site:
http://support.microsoft.com/?scid=kb;en-us;837865
Also,we are going to be applying the SP1 upgrade to the ISA server (released in March) to see if this might be some type of issue that may have been identified and corrected by the service pack. We'll see what happens with that.
One area where we can recreate the problem at will is when we set up the system landscape configuration. We can navigate to a system configuration object, however when we attempt to right click to edit the object we get the error. There are other circumstances where we get errors but that is one that occurs for sure. Anyone have any idea as to what might be special about that type of transaction??
Thanks again.
Rich
Similar Messages
-
Automatic Proxy Configuration keeps getting disabled for Manual Proxy Configuration
When ever I launch Firefox 3.6.13, the connection settings get reset to Manual Proxy Configuration. I switch the connection settings to automatic proxy configuration and all works fine. Upon closing and re-launching Firefox the Connection Setting is set back to manual proxy configuration.
See http://kb.mozillazine.org/Preferences_not_saved
-
Configuring Apache HTTP as an RPS
Longback i configured Apache HTTP as an Reverse proxy to weblogic for singlesignon with OAM.
that time i downloaded the Apache HTTP server Plugin from the below link
http://e-docs.bea.com/wls/docs92/plugins/apache.html
but after oracle aquiring the oracle i can not able to find the link for Apache plugin .
can any one please upadte the new url to download APACHE HTTP server pluginHi,
You can download the latest apache plugins from the below link.
http://www.oracle.com/technology/software/products/ias/htdocs/wls_main.html
Click on the "see all files" options of the Oracle WebLogic Server 10.3, and you can download the same under the
Mandatory for 10.3 installers.
Cheers,
Raj -
Configuring Apache HTTP as an RPS to weblogic for SSO on PSFT
Longback i configured Apache HTTP as an Reverse proxy to weblogic for singlesignon with OAM.
that time i downloaded the Apache HTTP server Plugin from the below link
http://e-docs.bea.com/wls/docs92/plugins/apache.html
but after oracle aquiring the oracle i can not able to find the link for Apache plugin .
can any one please upadte the new url to download APACHE HTTP server pluginIt seems the WebLogic Server plug-ins for Apache web server are available for download only through My Oracle Support (MetaLink)
Check below:
http://www.oracle.com/technology/deploy/security/wls-security/2793.html
The page mentions that the web server plug-in is available for download via Doc ID # 7825156.
You can also have a look at http://www.oracle.com/technology/deploy/security/alerts/alert_cve2008-3257.html
Hope this helps. -
Help with Apache Reverse Proxy configuration with SAP Portal and SAP Webgui
Dear Experts,
I have an issue configuring Apache to work with SAP Portal and ERP webgui. Accessing Portal through Reverse Proxy is working fine. But the problem arises when we try to open an iView ERP webgui transaction page from Portal with the Reverse Proxy. Have anyone implemented similar requirements and could advice on the configuration required on the Apache side? Thank youhi,
pls check the below links for reference:
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/24396589-0a01-0010-3c8c-ab2e3acf6fe2
searchsap.techtarget.com/searchSAP/downloads/chapter-december.pdf
1)Learn to implement the reverse proxy filter and portal gateway in SAP Enterprise Portal 6.0 on Web Application Server 6.40.
https:/.../irj/sdn/nw-portalandcollaboration?rid=/webcontent/uuid/006efe7b-1b73-2910-c4ae-f45aa408da5b
.2 )Configuring the Portal for Your Reverse Proxy Filter Solution . ... This document describes the reverse proxy filter mechanism in SAP Enterprise ...
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/32ad9b90-0201-0010-3c8a-c900cd685f8f
3)have full reverse proxy functionality. Possibly. filter. requests. Internet ... Reverse proxy (optionally with authentication etc.) ...
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/c066c390-0201-0010-3cba-cd42dfbcc8be
Note:please reward points if solution found helpfull
Regards
Chandrakanth.k -
How To configure Apache As Reverse Proxy for SharePoint Application
Hi,
I recently integrated Apache as ReverseProxy for SharePoint 2010. When accessing the SharePoint application via the reverse proxy url e.g. http://<reverse-proxy-url>/SitePages/Home.aspx the images/css and JavaScript files does not comeup
fine.
I had defined the following mapping in the httpd.conf file.
ProxyPass /SitePages http://<actual-url>/SitePages
<Location /SitePages>
ProxyPassReverse http://<actual-url>/SitePages
SetEnv force-nokeepalive 1
</Location>
Regards,
Bunty RayHi Trevor,
I did not understand your point. Currently i tried the following in the httpd.conf as well, but still did not help
######Mapping SharePoint Server#######
ProxyPass /SitePages http://<actual-url>/SitePages
ProxyPass /WebResource.axd http://<actual-url>/WebResource.axd
ProxyPass /ScriptResource.axd http://<actual-url>/ScriptResource.axd
<Location /SitePages>
SetOutputFilter INFLATE;proxy-html;DEFLATE
ProxyHTMLMeta On
ProxyHTMLEnable On
ProxyHTMLExtended On
ProxyHTMLLogVerbose On
ProxyPassReverse http://<actual-url>/SitePages
ProxyHTMLURLMap /SitePages http://<actual-url>/SitePages ec
ProxyHTMLURLMap http://<actual-url>/SitePages /SitePages ec
SetEnv force-nokeepalive 1
SetEnv force-proxy-request-1.01
SetEnv proxy-initial-not-pooled 1
</Location>
<Location /ScriptResource.axd>
SetOutputFilter INFLATE;proxy-html;DEFLATE
ProxyHTMLMeta On
ProxyHTMLEnable On
ProxyHTMLExtended On
ProxyHTMLLogVerbose On
ProxyPassReverse http://<actual-url>/ScriptResource.axd
ProxyHTMLURLMap /ScriptResource.axd http://<actual-url>/ScriptResource.axd ec
ProxyHTMLURLMap http://<actual-url>/ScriptResource.axd /ScriptResource.axd ec
SetEnv force-proxy-request-1.01
SetEnv force-nokeepalive 1
SetEnv proxy-initial-not-pooled 1
</Location>
<Location /WebResource.axd>
SetOutputFilter INFLATE;proxy-html;DEFLATE
ProxyHTMLMeta On
ProxyHTMLEnable On
ProxyHTMLExtended On
ProxyHTMLLogVerbose On
ProxyPassReverse http://<actual-url>/WebResource.axd
ProxyHTMLURLMap /WebResource.axd http://<actual-url>/WebResource.axd ec
ProxyHTMLURLMap http://<actual-url>/WebResource.axd /WebResource.axd ec
SetEnv force-proxy-request-1.01
SetEnv force-nokeepalive 1
SetEnv proxy-initial-not-pooled 1
</Location>
<Location /_layouts>
SetOutputFilter INFLATE;proxy-html;DEFLATE
ProxyHTMLMeta On
ProxyHTMLEnable On
ProxyHTMLExtended On
ProxyHTMLLogVerbose On
ProxyPassReverse http://<actual-url>/_layouts
ProxyHTMLURLMap /_layouts/1033/styles/Themable http://<actual-url>/_layouts/1033/styles/Themable ec
ProxyHTMLURLMap http://<actual-url>/_layouts/1033/styles/Themable /_layouts/1033/styles/Themable ec
SetEnv force-proxy-request-1.01
SetEnv force-nokeepalive 1
SetEnv proxy-initial-not-pooled 1
</Location>
Regards,
Bunty Ray -
Forward parameters in reverse proxy configuration
Hi,
Looking at the detailed configuration in a reverse proxy rule in SJSWS, I have derived the following conclusions:
1) Where the SJSWS listener has SSL-enabled, reverse proxy works on a HTTPS in, HTTP out basis.
2) Details in the incoming request's SSL header, such as User DN, will be stripped out and remapped into the outgoing request as a custom header, e.g. "Proxy-user-dn".
Can anybody tell me if I have gotten anything wrong above?
We are currently switching over from an Apache/mod_proxy/mod_ssl --> Apache/mod_jk --> Apache Tomcat server setup to a hybrid model where SJSWS is the web server reverse proxying to Tomcat (old apps) and SJSAS (new apps).
My question:
All our apps use the User DN string as the user ID. Previously, we developed a custom module in Apache to read the DN at the Apache level and then rewrite it into the Basic Auth user name header in the outgoing request. The Tomcat webapp will then authenticate the user based on the Basic Auth user name property. Is it possible for me to remap it into something similar here in the SJSWS reverse proxy configuration?
Thanks!
WongI am not a reverse proxy expert, but this Object-type SAF should forward userdn
http://docs.sun.com/app/docs/doc/820-1062/6ncoqnq3b?l=en&a=view&q=forward-user-dn
You can look for more such SAFs in this document. -
WebServer 6.1 SP3 SSL reverse proxy to Sun One Application Server 7
I have an application in the appserver7 that requires SSL authentication. I have already installed a self cert in the appserver7, and the authentication works fine when I browse directly to the appserver.
The appserver7 has both listener for port 80 and 443 enabled.
I'm currently setting up a webserver (WebServer 6.1 SP3) to act as a reverse proxy to the appserver7. The reverse proxy for the basic jsp pages found in the appserver worked fine.
When I try to access the login page, in the appserver, in ssl mode, I am unable to do so. I then try changing the obj.conf to the following, from http to https:
<Object name="passthrough">
ObjectType fn="force-type" type="magnus-internal/passthrough"
Service fn="service-passthrough" method="(GET|HEAD|POST)" servers="https://172.2
8.48.53"
However, it still doesn't work.
Do I need to install a self cert in the webserver and enable the ssl listener as well?
Do I need to install any reverse proxy addon for the appserver? Any
setup for the obj.conf in the appserver?
Any ideas how to get this done?
Thanks.
Mac.The Web Server 6.1 SP3 Reverse Proxy Plugin is supported, but it sounds like you're trying to do something that simply isn't possible.
If you want the Reverse Proxy Plugin to perform SSL mutual authentication with the Application Server using the client's certificate, that's impossible due to the nature of SSL mutual authentication. If the plugin could impersonate the client, then SSL would be vulnerable to MITM (Man In The Middle Attacks). Fortunately, SSL isn't vulnerable to such attacks because the plugin doesn't know the client's private key.
If you simply want the Reverse Proxy Plugin to pass information about the client's certificate along to the Application Server, that hapens automatically. There's nothing special to configure. Note that the plugin will not authenticate to the Application Server in this case. Rather, it will simply copy the X.509 certificate into the proprietary Proxy-auth-cert: HTTP request header.
The application running on the Application Server can inspect the Proxy-auth-cert: header using standard Servlet APIs. Alternatively, you can use Application Server 7's auth-passthrough AuthTrans SAF to cause the contents of the Proxy-auth-cert: header to be copied to the javax.servlet.request.X509Certificate Servlet attribute. -
Non-Oracle Apache as Front-end/reverse proxy?
Hi,
The question I have is kind of OID-related, but I think is more relevant to OAS, so I hope that I'm posting this in the right forum.
We have an existing OID instance, using the Apache 1.3-based OHS, and up till now, users have been accessing the OID/OIDDAS web-interface directly, e.g., by going to http:<hostname>:7777/oiddas, then signing in.
We also have a (non-Oracle OHS) enterprise-wide Apache 2.x-based reverse-proxy, and they want to be able to reverse-proxy through this Apache 2.x to the OID web interface.
We tried adding the <Location> sections to the Apache 2.x reverse proxy, e.g.:
<Location /oiddas>
ProxyPass http://<hostname>:7777/oiddas
ProxyPassReverse http://<hostname>:7777/oiddas
</Location>
<Location /pls>
ProxyPass http://<hostname>:7777/pls
ProxyPassReverse http://<hostname>:7777/pls
</Location>
Then, when we go to http://<apache-2.0-reverse-proxy-hostname>/oiddas, we get the initial page with the "Login" link. But, when we click on the "Login" link, we are getting a "Forbidden" error (HTTP 403 error).
Has anyone configured something like this before? What else do we need to configure in the Apache 2.x reverse-proxy?
Thanks,
JimHi,
I just stood up a new test instance of 10gAS (only one I had the install files for), and I can access the oiddas via port 7777, i.e., http://<hostname>:7777/oiddas.
I setup a reverse-proxy to it on a separate Apache 2.x instance, and it looks like at least part of the problem is that when I access via the proxy, the 10gAS sends back redirects (HTTP 302) responses with Location headers with the original <10gAS_hostname>:7777.
In other words, I do the original access using http:<proxy_hostname>/oiddas, but then when I click the "Login" link, the 10gAS redirects my browser to http://<10gAS_hostname>:7777/pls/orasso (to go to the SSO server).
This doesn't explain why were were seeing the 403 errors at work, but I think that, as suggested in that webpage that I linked earlier, there are re-directs that may not be totally visible going on, i.e., you can't "just" setup the Apache reverse-proxy with the <Location> directives.
Thus far, I haven't been able to replicate the 403 error problem that we had...
Jim -
Printing Issue from ITS with a Reverse Proxy Configured
Hi experts,
We have an enterprise portal landscape which can be accessed from the internet. The URLs are mapped using apache server as a reverse proxy. Also, we have configured the reverse proxy settings for accessing R/3 systems.
When the users try to take the print out from the ITS Web GUI accessed through the enterprise portal, the page redirects itself to an only internally resolvable host name of the R/3 ITS.
Due to this issue, users are not able to take prints from internet.
I would like to know if there is any way by which i can change this to my externally resolvable reverse proxy host address, which in turn can be mapped internally to the original host name at the reverse proxy level.
Can any one help me out in this?
Thanks a lot
ShobinHi Shobin,
SAP note 1145306 might provide some help about directives to be used.
Regards,
Dieter -
SAP Webdispatcher - Reverse Proxy Configuration
Hi All,
Need your help in configuration SAP Webdispatcher as reverse proxy. Currently we are using Apache as reverse proxy, but we are facing 400 Bad Request error and not able to solve the issue.
So We are planning to install Webdispatcher and configure reverse proxy and test.
Below is the Apache Reverse proxy configuration. Need help in configuring the same parameters in SAP Webdispatcher
ProxyPass /sap http://srmerver:8000/sap
ProxyPass /SRM-MDM http://mdmserver:50100/SRM-MDM
ProxyPass /mdmimages http://portalserver:8090/mdmimages
ProxyPass /irj http://portalserver:50100/irj
ProxyPass /saml2 http://portalserver:50100/saml2
ProxyPass / http://portalserver:50100/
ProxyPassReverse /sap http://srmserver:8000/sap
ProxyPassReverse /SRM-MDM http://mdmserver:50100/SRM-MDM
ProxyPassReverse /mdmimages http://portalserver:8090/mdmimages
ProxyPassReverse /irj http://portalserver:50100/irj
ProxyPassReverse /saml2 http://portalserver:50100/saml2
ProxyPassReverse / http://portalserver:50100/
Regards
PonnusamyHi
Kindly refer the SCN link
How to...Configure SAP Webdispatcher as a reverse proxy
http://basisondemand.com/Documents/Whitepaper_on_SAP_Web_Dispatcher.pdf
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/a015cea3-9627-2e10-a792-8f39e3d0b59d?QuickLink=index&…
Regards
Sriram -
SAPUI5 app and Reverse proxy configuration
Hi
Im trying to configure proxyserver for Cross origin resource sharing issue.
The below steps i have configured in my machine.
1. I have developed an application which consumes data through odata.
2. Download and configured Apache server and enabled proxy module as per this url
http://scn.sap.com/community/developer-center/front-end/blog/2013/06/29/solving-same-origin-policy-issue-in-different-ways
3. In httpd.config file added the below reverse proxy setup
ProxyPass /poodata http://HOSTNAME:8000/sap/opu/odata/sap/Z_PORDER_SRV/
ProxyPassReverse /poodata http://HOSTNAME:8000/sap/opu/odata/sap/Z_PORDER_SRV/
4. Changed my service url as
var serviceUrl = "proxy/http/localhost/poodata";
5. Also i have added java-property-utils-1.9.jar and cors-filter-1.8.jar then
in web.xml i have added Eventhough its seems not neccessary.
<filter>
<display-name>CacheControlFilter</display-name>
<filter-name>CacheControlFilter</filter-name>
<filter-class>com.sap.ui5.resource.CacheControlFilter</filter-class>
</filter>
<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
</filter>
6. Finally when i am executing the application throgh http://localhost:9080/SamplePO/ Its working. But Instead of localhost when im using IP address it shows NO DATA and throws the "500 internal server error - only allowed for local testing"
also the application is trying to fetch data from 'http://10.130.41.158:9080/SamplePO/proxy/http/localhost/poodata/$metadata' where the location should be 'http/localhost/poodata/$metadata'.
I want to access this application in my iPAD through WIFI by passing IP address followed by application name (http://10.130.41.158:9080/SamplePO).
Please help me to fix this issue.
Regards
Yokesvaran KumarasamyHi Michael Herzog / DJ Adams / Frank Welz,
It seems you have v.good knowledge on this, can you please help with this issue.
Thanks in Advance
Regards
Yokesvaran Kumarasamy -
Reverse Proxy Configuration - HPVM (Guest)
Hello Unix Champs,
On 11iV3 - Vm Guest - we want to configure this server as reverse proxy
Please share step by step procedure/documents to do same.
Thanks in advance
Regards,
Prashant BehalAssuming your webserver is apache, you have to make the apache proxy-aware. This can be done statically (while building apache from source with --with-proxy option) or dynamically with a LoadModule directive.
Once the above is done, you will need to write these directives in the apache httpd.conf:
ProxyEnable Off
ProxyPass /localurl remote-url
ProxyPassReverse....
In the OAM config, protect /localurl.
For other webservers, read the documentation of that webserver.
Hope this helps. -
Could you please let me know how SharePoint HNSC can be configured with a reverse proxy server so that HNSC Share Point URLs are not exposed to end users.
In normal path based site collections/web applications, reverse proxy configuration can be done using alternate access mappings with Public URL = "proxy URL", internal = "HNSC Share Point URL" so that share point sends response back
to Public URL = "proxy URL".
In Host Named Site Collections, alternate access mappings are not supported. Each HNSC is designed to have only one URL in each zone. Zone is one of the five zones(Default,Intranet,Internet,Custom,Extranet) with each of which only one alternate
URL is associated. This is what we are able to get using power shell command "Set-SPSiteUrl", but this will not help us to get the response back to proxy URL after a request sent to share point because we could not find any mechanism in share
point HNSC to respond to a different URL(proxy URL). Consequently, Share Point URLs are exposed to external users.
Below share point article in MSDN blog is symmetrical to what we are observing with Share Point 2013 and Proxy Server. It mentions that internal HNSC URLs can’t be hidden using any proxy server. If hiding the internal Share Point URLS is a requirement,
it suggests to use a web application instead of host named site collections.
Though I’m also observing the same behavior with Share Point 2013 HNSC, Could you please confirm my understanding is correct.
http://blogs.msdn.com/b/kaevans/archive/2012/03/27/what-every-sharepoint-admin-needs-to-know-about-host-named-site-collections.aspx
Excerpt from above article-
"Host Named Site Collections Only Use One Host Name
Continuing on the discussion on AAMs and host named site collections, you cannot use multiple host names to address a site collection in SharePoint 2010. Because host-named site collections have a single URL, they do not support alternate access mappings and
are always considered to be in the Default zone. This is important if you are using a reverse proxy to provide access to external users. Products like Unified Access Gateway 2010 allow external users to authenticate to your gateway and access a site
as http://uag.sharepoint.com and forward the call to http://portal.sharepoint.com. Remember that URL rewriting is not permitted. Further, a site collection can only respond to one host name. This means if you are using a reverse proxy, it must forward the
calls to the same URL. If your networking team has a policy against exposing internal URLs externally, you must instead use web applications and extend the web application using an alternate access mapping."<u5:p></u5:p>Hi Satish,
You are right that only one URL is allowed for each zone of the host-name site collections in both SharePoint 2010 and SharePoint 2013.
It is by design that each host-name site collection only support one URL for each zone.
The article below is about RTM version of SharePoint, and it is the same for SharePoint 2013 with the latest CU.
https://support.microsoft.com/en-us/kb/2826457
So to make the URL of HNSC not exposed to external users is not supported, you need to use path-based sites instead.
Best regards.
Thanks
TechNet Community Support
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
[email protected] -
Something wrong with my SSL reverse proxy config. HELP!
Using Sun ONE Web Proxy Server 3.6-SP6
1. Got Wildcard SSL Certificate from Verisign
2. Ran sec-key
made alias
used password from Verisign
3. Installed certificate
Used "Trusted Certificate Authority (CA)"
Pasted Cert in "Message Text (with headers)"
4. Verified Certificate install in "Manage Certificates."
5. Created regular and reverse mappings.
When I try to turn on encryption, it says:
Unable to read key file (9)
What did I do wrong? I appreciate help from anyone.
-baWhat is the OS ?
If it's Solaris, a truss will give you more details on the error.
Verify the rights on your folder alias and all its contents.
Can we have a more detailled error log file when you try to start the Proxy instance.
Another remark :
In the Admin Guide the scenario is called "Setting up a secure reverse proxy ".
The problem is, that if the Webserver request for Client-Authentication
within the SSL-Handshake the Proxy-Server has to present a cert signed as Client-Cert.
Solution:
- Proxy Server owner has own CA.
Create CSR within Proxy Server and let the CSR be signed as Client Cert.
- Proxy Server owner has not own CA.
Choose a CA which allows to get client certs using CSR (e.g. tctrustcenter)
Create CSR withing Proxy Server, at the common name use your name/Email=your.name@yourdomain
Get the client cert at the CA using this CSR
Import the cert into the Proxy Server.
Create regular and reverse mappings
e.g regular: http://test.content.org https://test.content.org
reverse: https://test.content.org http://test.content.org
Choose "initialize certificates only" at security settings for proxy instance.
Maybe you are looking for
-
Playing videos in music?
Hi. I remember a couple months ago, I did something with a video of mine and it allowed me to play it with my other songs (I gave it 5 stars and it would come up on shuffle in My Top Rated as though it was another song) but now I have another video I
-
Material should not goto quality stock after 105 movement
Hi Guys, when we receive raw materials from vendor. At present in SAP, after Gate Entry u2013 103 movement & Qty. Verification (release GR blocked stock u2013 105 mvmt.), Item goes to under Quality and after Quality releases the same (321 movement),
-
Trying to record a 500*375 end project ... help!
Hi. I'm using TCS, and am using Captivate that comes with it. (v 3.01 build 589). I'm trying to use Captivate to record software demonstrations, and have chosen this tool over Camtasia. I am finding I am limited in a few areas and am hoping it's just
-
Uninstalled CS4 and can't figure out how to get it back
My daughter has been using my copy of CS4 for over a year without issues. Recently however she began to have some kind of issue with the brushes pixelating. We deactivated (just to be safe) and uninstalled then reinstalled. That fixed the problem.
-
Marquee tool width not equal clipboard image width
I'm really stuck with this issue and would like your help. I select an area with the marquee tool, lets say 122 height x 55 width. Then I either edit / copy or Ctrl + C. When I copy the area into a new file, the photoshop suggested file size is alway