Apache - 反向代理和 HTTP 302 状态消息
我的团队正在尝试将 Apache 反向代理从客户站点设置到我们的 Web 应用程序之一。
http://www.example.com/app1/some-path 映射到 http://internal1.example.com/some-path
在我们的应用程序中,我们使用 struts 并重定向 = true 设置某些操作以提供某些功能。 来自这些重定向的 302 状态消息会导致用户突破代理,从而导致最终用户出现错误页面。
HTTP/1.1 302 找到 位置:http://internal.example.com/some-path/redirect
有吗有什么方法可以在 apache 中设置反向代理以便重定向正常工作吗?
My team is trying to setup an Apache reverse proxy from a customer's site into one of our web applications.
http://www.example.com/app1/some-path maps to http://internal1.example.com/some-path
Inside our application we use struts and have redirect = true set on certain actions in order to provide certain functionality. The 302 status messages from these re-directs cause the user to break out of the proxy resulting in an error page for the end user.
HTTP/1.1 302 Found
Location: http://internal.example.com/some-path/redirect
Is there any way to setup the reverse proxy in apache so that the redirects work correctly?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
有一篇标题为 在 Apache 中运行反向代理 的文章似乎解决了你的问题。 它甚至使用与示例中相同的 example.com 和 /app1。 请转至“配置代理”部分,获取有关如何使用 ProxyPassReverse< 的示例/a>.
There is an article titled Running a Reverse Proxy in Apache that seems to address your problem. It even uses the same example.com and /app1 that you have in your example. Go to the "Configuring the Proxy" section for examples on how to use ProxyPassReverse.
AskApache 文章 相当不错有帮助,但在实践中我发现 Rewrite 规则和 ProxyPassReverse 的组合更加灵活。 因此,在您的情况下,我会这样做:
我更喜欢这个,因为它可以让您对为内部服务器代理的路径进行更细粒度的控制。 在我们的例子中,我们只想公开第三方应用程序的一部分。 请注意,这并不涉及 HTML 中的硬编码链接,AskApache 文章对此进行了介绍。
另请注意,您可以有多个 ProxyPassReverse 行:
我提到这一点只是因为我们代理的另一个第三方应用程序发送的重定向不包含其内部主机名,仅包含不同的端口。
最后一点,请记住 Firebug 在调试重定向。
The AskApache article is quite helpful, but in practice I found a combination of Rewrite rules and ProxyPassReverse to be more flexible. So in your case I'd do something like this:
I like this better because it gives you finer-grained control over the paths you're proxying for the internal server. In our case we wanted to expose only part of third-party application. Note that this doesn't address hard-coded links in HTML, which the AskApache article covers.
Also, note that you can have multiple ProxyPassReverse lines:
I mention this only because another third-party app we were proxying was sending out redirects that didn't include their internal host name, just a different port.
As a final note, keep in mind that Firebug is extremely useful when debugging the redirects.
基本上,ProxyPassReverse 应该负责为您重写 Location 标头,正如 Kevin Hakanson 指出的那样。
我遇到的一个陷阱是 url 参数中缺少尾部斜杠。 确保使用:(
注意结尾的斜杠!)
Basically,
ProxyPassReverseshould take care of rewriting the Location header for you, as Kevin Hakanson pointed out.One pitfall I have encountered is missing the trailing slash in the url argument. Make sure to use:
(note the trailing slash!)
尝试使用 AJP 连接器而不是反向代理。 当然这不是一个微不足道的改变,但我发现当使用 AJP 而不是反向代理时,很多 URL 噩梦就消失了。
Try using the AJP connector instead of reverse proxy. Certainly not a trivial change, but I've found that a lot of the URL nightmares go away when using AJP instead of reverse proxy.