dcsimg

Reverse Proxying and Redirection issue.

Created May 7, 2012

Luigi Viggiano

Additional Information

We have configured Apache as a reverse proxy, to connect one of our internal application and database servers to the internet.
Now we have problems with JSP-based applications and rewrite commands which were issued from those apps:

The Login page is avaliable under
  http://reverse-proxy.domain.de/login/index.jsp
if the username and password fields are filled and the submit button is pressed, the JSP login page wants to redirect to the start page of the application. The effect is, that the user who connects to the login page via the reverse proxy gets a redirect command to
  http://appserver.internal.domain.de/app/start.jsp
This should be
  http://reverse-proxy.domain.de/app/start.jsp

The infrastructure is as follows:

  • Reverse-Proxy:
    • Apache 1.3.20 with mod_rewrite and mod_proxy enabled
    • Operating System: Sun Solaris 2.7
  • Application Server:
    • Apache 1.3.22 with mod_jk enabled
    • Tomcat 3.2.4
    • Operating System: Sun SOlaris 2.8
Can someone tell me, how to
  • rewrite the JSP pages or
  • reconfigure Tomcat (that is preferred) (installed "out of the box", the only modification was to change the "noCookies" parameter in the class SessionInterceptor in server.xml from false to true).
in order to reach the goal, that users via the reverse proxy will see the correct start page?

I noticed this problem also. The real "context path" and the reverse proxy "context path" must match to let Tomcat to keep the SessionID.
Also, if you are using <jsp:forward/> or RequestDispatcher.forward() everything should work with relative paths. When your application uses response.sendRedirect(), the full path needs to be used.

I was writing redirects in this way: 


    response.sendRedirect(request.getContextPath() +
        "/anagrafe/view/pop_anagrafica.jsp" +
        "?codice=" + codice);
but that caused problems (request.getContextPath() returned the proxied server instead of the proxier, if I'm remember correctly), and the clients were unable to get the page from the server behind the proxy.

So I had to use a constant value in place of request.getContextPath() and put it web.xml to let the application to know the correct server where to redirect.
n I replaced request.getContextPath() with this constant values got from web.xml.

Philipp Meier has also suggested a solution that, is not tested but might work:
Configure the Apache context so that the "host" attribute points to the hostname of the proxy (the external host name) and put in an "alias" attribute for the webserver's real hostname.

host: www.domain.com
alias: realwebserver.domain.com