Cas-protected site behind apache reverse proxy

apache-2.2 cas proxypass reverse-proxy

My setup is:

  • CAS server (let's say the URL is https://localhost:8443/cas-server/)

  • A CAS-protected website hosted on a Tomcat server, running cas-client (let's say https://localhost:4448/myApp)

  • An httpd apache2, with mod_auth_cas and proxy_http, which is used as a reverse proxy (http://localhost:80)

What I want to do is to configure the reverse proxy to something like this:

<Location /proxyTest >
      ProxyPass https://localhost:4448/myApp
      ProxyPassReverse https://localhost:4448/myApp
</Location>

And then be able to write

https://localhost/proxyTest

instead of

https://localhost:4448/myApp

And this works well: I get redirected, I get the CAS ticket, I get authenticated, etc.
The PROBLEM is that the CAS login page URL shows:

https://localhost:8443/cas-server/login?service=https%3A%2F%2Flocalhost%3A4448%2Fmyapp

And after login, the url shown in my browser is:

https://localhost:4448/myApp

So the redirection doesn't work properly… somewhere along the way, I get sent back to the non-proxied URL, most likely by the cas-client.
How can I set up such a proxy to work properly, so that all of this is transparent once I've got a valid ticket?

Is using Tomcat's AJP involved? Or configuring and using the mysterious CAS proxy callback stuff in the cas-client, which I never understood how to use? Something else?

Best Answer

The ProxyPassReverse directive is what rewrites the URL returned by Apache on redirects, etc. See this question for a concise explanation.

I think what you are looking for is

<Location /proxyTest>
    ProxyPass https://localhost:4448/myApp
    ProxyPassReverse https://localhost/proxyTest
</Location>

Here you are using http(s), so AJP is not involved. According to the docs, a ProxyPassReverse is not required for AJP, so you could have something like

<Location /proxyTest>
    ProxyPass ajp://localhost:4448/myApp
</Location>
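
An added example, not part of the original post or of Apache's code: a simplified Python model of the prefix rewrite that ProxyPassReverse applies to Location headers, run over the two kinds of redirect from the question. The function names and the `/home` path are hypothetical; the URLs are the ones in the question. It shows that the CAS login redirect is passed through unchanged, so the `service` parameter still carries the backend address and CAS later sends the browser straight to port 4448.

```python
from urllib.parse import urlsplit, parse_qs

# URLs taken from the question's setup.
BACKEND = "https://localhost:4448/myApp"
PUBLIC = "https://localhost/proxyTest"


def proxy_pass_reverse(location, backend=BACKEND, public=PUBLIC):
    """Simplified model of ProxyPassReverse: rewrite a redirect only when
    the Location header itself starts with the backend URL."""
    if location.startswith(backend):
        return public + location[len(backend):]
    return location


def leaked_service(location, backend=BACKEND):
    """Return the service= value if a redirect hands the backend URL to CAS."""
    query = parse_qs(urlsplit(location).query)  # values are percent-decoded
    for value in query.get("service", []):
        # Case-insensitive: the question's login URL shows "myapp", not "myApp".
        if value.lower().startswith(backend.lower()):
            return value
    return None


# Constructed redirects the Tomcat application could send back through Apache.
app_redirect = BACKEND + "/home"
cas_redirect = ("https://localhost:8443/cas-server/login"
                "?service=https%3A%2F%2Flocalhost%3A4448%2Fmyapp")

if __name__ == "__main__":
    for loc in (app_redirect, cas_redirect):
        rewritten = proxy_pass_reverse(loc)
        print(rewritten, "| backend in service=:", leaked_service(rewritten))
```
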