Environment
Server version: Apache/2.4.6 (CentOS)
I have two servers which are almost duplicates.
aaa.com.
and bbb.com.
They have almost same Apache rulesets.
aaa.com.
config
<Location "/serviceEndpoint/">
ProxyPass http://localhost:8100/serviceEndpoint/
ProxyPassReverse http://localhost:8100/serviceEndpoint/
</Location>
<Location "/fruit/apple">
ProxyPass "/fruit/apple" "http://localhost:8100/serviceEndpoint/fruit/apple"
ProxyPassReverse "/fruit/apple" "http://localhost:8100/serviceEndpoint/fruit/apple"
</Location>
So /serviceEndpoint
is a service using 8100 port, and /fruit/apple
is a servlet of it.
bbb.com.
config
<VirtualHost _default_:80>
ProxyPass "/serviceEndpoint/" "http://localhost:20100/serviceEndpoint/"
ProxyPassReverse "/serviceEndpoint/" "http://localhost:20100/serviceEndpoint/"
ProxyPass "/fruit/apple" "http://localhost:20100/serviceEndpoint/fruit/apple"
ProxyPassReverse "/fruit/apple" "http://localhost:20100/serviceEndpoint/fruit/apple"
</VirtualHost>
Looks the same, but it's inside VirtualHost:80, if that makes anything different.
(*edit I tested using the same config, but the result was same)
Problem
Both aaa.com/fruit/apple
or bbb.com/fruit/apple
works well.
But, when the service use response.sendRedirect()
(java) and redirects the browser to /fruit/apple
,
only aaa.com.
works and bbb.com.
tries to connect literal http://localhost:20100/fruit/apple
from the client browser.
aaa.com
redirect response header
HTTP/1.1 302
Date: Mon, 09 May 2022 08:01:29 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Location: /fruit/#!/some_controller
Content-Length: 0
Set-Cookie: JSESSIONID=4EA61F0E6031621E540DBDC9F6C54D64; Path=/serviceEndpoint; HttpOnly
Set-Cookie: JSESSIONID=4EA61F0E6031621E540DBDC9F6C54D64; Secure; HttpOnly; SameSite=Strict
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=15, max=95
Connection: Keep-Alive
bbb.com
redirect response header
HTTP/1.1 302
Date: Mon, 09 May 2022 08:01:29 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Location: http://localhost:20100/fruit/#!/some_controller
Content-Length: 0
Set-Cookie: JSESSIONID=4EA61F0E6031621E540DBDC9F6C54D64; Path=/serviceEndpoint; HttpOnly
Set-Cookie: JSESSIONID=4EA61F0E6031621E540DBDC9F6C54D64; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=15, max=95
Connection: Keep-Alive
Question
From Apache settings, what can cause this behavior and how should I fix this?
Best Answer
That ProxyPassReverse directive defines the scope of the URL path(s) that Apache most correct for in back-end responses to ensure that site vistors are presented with a correct URL that matches their requests to the Apache
The
bbb.example.com
response redirects toand therefor the
Location
header is not corrected for by the ProxyPassReverse directive.That seems like either the back-end application does not create correct self-referential URL's and you need to solve that in the back-end application, or you have made an incorrect assumption and your apache config should be: