LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-30-2018, 10:55 PM   #1
divyashree
Senior Member
 
Registered: Apr 2007
Location: bbsr,orissa,India
Distribution: RHEL5 ,RHEL4,CENT OS5,FEDORA,UBUNTU
Posts: 1,373

Rep: Reputation: 135Reputation: 135
apache reverse proxy config


I have 3 Machines which I am configuring this way to work.

MachineA(https) -> MachineB(reverseproxy) -> MachineC(App)

MachineA - The public facing load balancer where SSL certificate is installed MachineB - Apache http server to which the request from MachineA will be redirected and will be forwarded to Application server using mod_wls MachineC - Weblogic Application server where app is deployed

I have configured my MachineB http config this way:



Code:
  LoadModule weblogic_module modules/mod_wl.so
    RewriteEngine On
    RewriteCond %{HTTPS} on
    RewriteRule ^$ http://%{HTTP_HOST} [L,R]
    
    <IfModule mod_weblogic.c>
        ProxyPreserveHost   On
        RewriteEngine       On
        WebLogicCluster wlsrv:7001
        Debug ALL
        MatchExpression /
        DebugConfigInfo ON
        WLLogFile /var/log/wlproxy-qa.log
     <Location /console>
        SetHandler weblogic-handler
        ProxyPass http://wlsrv:7001/console
        ProxyPassReverse http://wlsrv:7001/console
     </Location>
     <Location /App1>
        SetHandler weblogic-handler
        ProxyPass http://wlsrv:7001/App1
        ProxyPassReverse http://wlsrv:7001/App1
     </Location>
    </IfModule>
The requests are coming to access the first webpage from application, but after that the URI is not getting forwarded correctly and giving 400.

Is the configuration of MachineB, correct to handle this ?

Last edited by divyashree; 01-30-2018 at 11:48 PM.
 
Old 01-31-2018, 04:07 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,566

Rep: Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794
Quote:
The requests are coming to access the first webpage from application, but after that the URI is not getting forwarded correctly and giving 400.
You should first check the apache error_log, but most likely it's an error from the backend, so check also logs of the weblogic server.

I'm not familiar with weblogic, but I see that you're using the apache plugin for your server, so I guess you don't need to configure apache as a reverse proxy, but rather use the plugin to serve the requests.

Read the plugin documentation and pay attention to the examples.

Regards
 
Old 01-31-2018, 07:52 AM   #3
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 21,959

Rep: Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827
Quote:
Originally Posted by divyashree View Post
I have 3 Machines which I am configuring this way to work.
MachineA(https) -> MachineB(reverseproxy) -> MachineC(App)

MachineA - The public facing load balancer where SSL certificate is installed MachineB - Apache http server to which the request from MachineA will be redirected and will be forwarded to Application server using mod_wls MachineC - Weblogic Application server where app is deployed I have configured my MachineB http config this way:
Code:
  LoadModule weblogic_module modules/mod_wl.so
    RewriteEngine On
    RewriteCond %{HTTPS} on
    RewriteRule ^$ http://%{HTTP_HOST} [L,R]
    
    <IfModule mod_weblogic.c>
        ProxyPreserveHost   On
        RewriteEngine       On
        WebLogicCluster wlsrv:7001
        Debug ALL
        MatchExpression /
        DebugConfigInfo ON
        WLLogFile /var/log/wlproxy-qa.log
     <Location /console>
        SetHandler weblogic-handler
        ProxyPass http://wlsrv:7001/console
        ProxyPassReverse http://wlsrv:7001/console
     </Location>
     <Location /App1>
        SetHandler weblogic-handler
        ProxyPass http://wlsrv:7001/App1
        ProxyPassReverse http://wlsrv:7001/App1
     </Location>
    </IfModule>
The requests are coming to access the first webpage from application, but after that the URI is not getting forwarded correctly and giving 400. Is the configuration of MachineB, correct to handle this ?
You have a somewhat similar thread FOUR YEARS ago:
https://www.linuxquestions.org/quest...ps-4175496400/
 
Old 02-01-2018, 12:01 AM   #4
divyashree
Senior Member
 
Registered: Apr 2007
Location: bbsr,orissa,India
Distribution: RHEL5 ,RHEL4,CENT OS5,FEDORA,UBUNTU
Posts: 1,373

Original Poster
Rep: Reputation: 135Reputation: 135
Quote:
Originally Posted by TB0ne View Post
You have a somewhat similar thread FOUR YEARS ago:
https://www.linuxquestions.org/quest...ps-4175496400/
Thank you TB0ne. This is not similar to that, else I wouldn't have asked. Here the MachineA(the loadbalancer where ssl certificate is installed) is not in my control and is mapped to a port of MachineB(apache http server) and MachineA works as a secure public gateway.

The connection between MachineB(Apache http) and MachineC(weblogic) is working without any issue.

Problem here is the traffic coming from the MachineA(loadbalancer) is https and response from MachineB(Apache http) is plain http, so the URI is no getting created correctly in browser outside loadbalancer. And for this I had asked the question.

Last edited by divyashree; 02-01-2018 at 12:07 AM.
 
Old 02-01-2018, 12:05 AM   #5
divyashree
Senior Member
 
Registered: Apr 2007
Location: bbsr,orissa,India
Distribution: RHEL5 ,RHEL4,CENT OS5,FEDORA,UBUNTU
Posts: 1,373

Original Poster
Rep: Reputation: 135Reputation: 135
Quote:
Originally Posted by bathory View Post
You should first check the apache error_log, but most likely it's an error from the backend, so check also logs of the weblogic server.

I'm not familiar with weblogic, but I see that you're using the apache plugin for your server, so I guess you don't need to configure apache as a reverse proxy, but rather use the plugin to serve the requests.

Read the plugin documentation and pay attention to the examples.

Regards
Thank you bathroy. There is no issue with the weblogic plugin, as here connection between MachineB and MachineC is working smoothly. Problem here is the URI creation request and response between MachineB(Plain http server acts as a frontend to weblogic) and MachineA(Simple loadbalancer where SSL cert is installed)
 
Old 02-01-2018, 03:35 AM   #6
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,566

Rep: Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794Reputation: 1794
Quote:
Originally Posted by divyashree View Post
Thank you bathroy. There is no issue with the weblogic plugin, as here connection between MachineB and MachineC is working smoothly. Problem here is the URI creation request and response between MachineB(Plain http server acts as a frontend to weblogic) and MachineA(Simple loadbalancer where SSL cert is installed)
So check the apache logs for the request from the loadbalancer to see if you find anything.
 
Old 02-01-2018, 08:31 AM   #7
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 21,959

Rep: Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827
Quote:
Originally Posted by divyashree View Post
Thank you TB0ne. This is not similar to that, else I wouldn't have asked. Here the MachineA(the loadbalancer where ssl certificate is installed) is not in my control and is mapped to a port of MachineB(apache http server) and MachineA works as a secure public gateway.

The connection between MachineB(Apache http) and MachineC(weblogic) is working without any issue.

Problem here is the traffic coming from the MachineA(loadbalancer) is https and response from MachineB(Apache http) is plain http, so the URI is no getting created correctly in browser outside loadbalancer. And for this I had asked the question.
It is similar, because:
  • You're asking about redirects/load balancing
  • You're asking about Apache
  • You've asked about reverse proxies before
So after many years of work with this software, your 'certification', and ostensibly other skills....you cannot diagnose this issue, even though you've worked with it before?
 
Old 02-01-2018, 12:14 PM   #8
divyashree
Senior Member
 
Registered: Apr 2007
Location: bbsr,orissa,India
Distribution: RHEL5 ,RHEL4,CENT OS5,FEDORA,UBUNTU
Posts: 1,373

Original Poster
Rep: Reputation: 135Reputation: 135
Quote:
Originally Posted by TB0ne View Post
It is similar, because:
  • You're asking about redirects/load balancing
  • You're asking about Apache
  • You've asked about reverse proxies before
So after many years of work with this software, your 'certification', and ostensibly other skills....you cannot diagnose this issue, even though you've worked with it before?
Thank you Guru. There is nothing to do with certifications here as every situations is unique.

Last time it was the issue with https -> Jboss and this time issue was with the reverse response from httpslb -> http -> weblogic.
Here httpslb is a simple LB which doesnt support anything but only port mapping which was messing the URL outside and I proposed to put a http in between to resolve the URL mess . As I always feel strong with the support of forums like linuxquestions from where I started learning linux since when I was a student.

No one knows everything else forum wouldnt have exist. This kind of configs I dealt with only 2 times in so many years, So I had asked the question, if some one might have faced this kind of issue or to get any hint.

By the way this issue is resolved with below simple http configuration and I am pasting the solution which might help others.

Code:
LoadModule weblogic_module modules/mod_wl.so
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule ^$ http://%{HTTP_HOST} [L,R]




<IfModule mod_weblogic.c>
 <VirtualHost *:80>
   ServerName https://lbhost.com:9001
   RewriteEngine       On
   RewriteOptions inherit
   RewriteRule ^/$ /console [PT]
   Debug ALL
   MatchExpression /
   DebugConfigInfo ON
   WLLogFile /var/log/httpd/wlproxy-qa.log
   KeepAliveEnabled ON
   KeepAliveSecs  15
   WLProxySSLPassThrough ON

<Location /console>
   SetHandler weblogic-handler
   WebLogicHost wlscontainerhost
   WeblogicHost 7001
   WLSRequest On
   ProxyPass http://wlscontainerhost:7001/console
   ProxyPassReverse http://wlscontainerhost:7001/console
</Location>
<Location /app1>
   SetHandler weblogic-handler
   WebLogicHost wlscontainerhost
   WeblogicPort 7001
   ProxyPass http://wlscontainerhost:7001/app1
   ProxyPassReverse http://wlscontainerhost:7001/app1
</Location>

<Location /app2>
   SetHandler weblogic-handler
   WebLogicHost wlscontainerhost
   WeblogicPort 7001
   ProxyPass http://wlscontainerhost:7001/app2
   ProxyPassReverse http://wlscontainerhost:7001/app2
</Location>
<Location /app3>
   SetHandler weblogic-handler
   WebLogicHost wlscontainerhost
   WeblogicPort 7001
   ProxyPass http://wlscontainerhost:7001/app3
   ProxyPassReverse http://wlscontainerhost:7001/app3
</Location>
</VirtualHost>
</IfModule>

Last edited by divyashree; 02-01-2018 at 01:05 PM.
 
Old 02-01-2018, 01:24 PM   #9
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 21,959

Rep: Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827Reputation: 5827
Quote:
Originally Posted by divyashree View Post
Thank you Guru. There is nothing to do with certifications here as every situations is unique.
Yes, they are; however, when they're VERY SIMILAR, you have years of experience and 'certifications', you should be able to work through such very similar problems, rather than asking others.
Quote:
Last time it was the issue with https -> Jboss and this time issue was with the reverse response from httpslb -> http -> weblogic.
Here httpslb is a simple LB which doesnt support anything but only port mapping which was messing the URL outside and I proposed to put a http in between to resolve the URL mess . As I always feel strong with the support of forums like linuxquestions from where I started learning linux since when I was a student.

No one knows everything else forum wouldnt have exist. This kind of configs I dealt with only 2 times in so many years, So I had asked the question, if some one might have faced this kind of issue or to get any hint.
And by actually learning and thinking about what you've done in the past, that's how you can solve your own problems. No one is saying you should know everything, but after several years, 'certifications' and experience, making a minor change to something you're familiar with shouldn't involve having others work on it. What prevented you from doing/trying anything, rather than asking us to implement your machine config and TELL YOU if it was right?
Quote:
By the way this issue is resolved with below simple http configuration and I am pasting the solution which might help others.
Code:
LoadModule weblogic_module modules/mod_wl.so
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule ^$ http://%{HTTP_HOST} [L,R]

<IfModule mod_weblogic.c>
 <VirtualHost *:80>
   ServerName https://lbhost.com:9001
   RewriteEngine       On
   RewriteOptions inherit
   RewriteRule ^/$ /console [PT]
   Debug ALL
   MatchExpression /
   DebugConfigInfo ON
   WLLogFile /var/log/httpd/wlproxy-qa.log
   KeepAliveEnabled ON
   KeepAliveSecs  15
   WLProxySSLPassThrough ON

<Location /console>
   SetHandler weblogic-handler
   WebLogicHost wlscontainerhost
   WeblogicHost 7001
   WLSRequest On
   ProxyPass http://wlscontainerhost:7001/console
   ProxyPassReverse http://wlscontainerhost:7001/console
</Location>
<Location /app1>
   SetHandler weblogic-handler
   WebLogicHost wlscontainerhost
   WeblogicPort 7001
   ProxyPass http://wlscontainerhost:7001/app1
   ProxyPassReverse http://wlscontainerhost:7001/app1
</Location>

<Location /app2>
   SetHandler weblogic-handler
   WebLogicHost wlscontainerhost
   WeblogicPort 7001
   ProxyPass http://wlscontainerhost:7001/app2
   ProxyPassReverse http://wlscontainerhost:7001/app2
</Location>
<Location /app3>
   SetHandler weblogic-handler
   WebLogicHost wlscontainerhost
   WeblogicPort 7001
   ProxyPass http://wlscontainerhost:7001/app3
   ProxyPassReverse http://wlscontainerhost:7001/app3
</Location>
</VirtualHost>
</IfModule>
Looks similar to what you've done in the past, and what you posted originally. Glad its working
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Nginx Reverse proxy on a internal apache reverse server ITiger Linux - Software 0 04-25-2014 07:44 AM
apache reverse proxy chris9 Linux - Server 1 04-05-2012 08:41 AM
reverse proxy config help redsnapperke Linux - Newbie 1 10-06-2009 03:36 AM
Apache as Reverse Proxy LR_Brian Linux - Server 4 02-17-2009 11:33 AM
reverse proxy with apache 2 bootiack Linux - Software 1 08-09-2005 06:47 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 11:26 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration