
Environment

Server version: Apache/2.4.6 (CentOS)


I have two servers which are almost duplicates.

aaa.com. and bbb.com.

They have almost the same Apache rulesets.

aaa.com. config

<Location "/serviceEndpoint/">
  ProxyPass http://localhost:8100/serviceEndpoint/
  ProxyPassReverse http://localhost:8100/serviceEndpoint/
</Location>
<Location "/fruit/apple">
  ProxyPass "/fruit/apple" "http://localhost:8100/serviceEndpoint/fruit/apple"
  ProxyPassReverse "/fruit/apple" "http://localhost:8100/serviceEndpoint/fruit/apple"
</Location>

So /serviceEndpoint is a service using port 8100, and /fruit/apple is a servlet of it.

bbb.com. config

<VirtualHost _default_:80>
  ProxyPass "/serviceEndpoint/" "http://localhost:20100/serviceEndpoint/"
  ProxyPassReverse "/serviceEndpoint/" "http://localhost:20100/serviceEndpoint/"

  ProxyPass "/fruit/apple" "http://localhost:20100/serviceEndpoint/fruit/apple"
  ProxyPassReverse "/fruit/apple" "http://localhost:20100/serviceEndpoint/fruit/apple"
</VirtualHost>

Looks the same, but it's inside VirtualHost:80, if that makes any difference.
(Edit: I tested using the same config, but the result was the same.)

Problem

Both aaa.com/fruit/apple and bbb.com/fruit/apple work well.

But when the service uses response.sendRedirect() (Java) and redirects the browser to /fruit/apple,
only aaa.com. works, and bbb.com. tries to connect to the literal http://localhost:20100/fruit/apple from the client browser.

aaa.com redirect response header

HTTP/1.1 302
Date: Mon, 09 May 2022 08:01:29 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Location: /fruit/#!/some_controller
Content-Length: 0
Set-Cookie: JSESSIONID=4EA61F0E6031621E540DBDC9F6C54D64; Path=/serviceEndpoint; HttpOnly
Set-Cookie: JSESSIONID=4EA61F0E6031621E540DBDC9F6C54D64; Secure; HttpOnly; SameSite=Strict
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=15, max=95
Connection: Keep-Alive

bbb.com redirect response header

HTTP/1.1 302
Date: Mon, 09 May 2022 08:01:29 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Location: http://localhost:20100/fruit/#!/some_controller
Content-Length: 0
Set-Cookie: JSESSIONID=4EA61F0E6031621E540DBDC9F6C54D64; Path=/serviceEndpoint; HttpOnly
Set-Cookie: JSESSIONID=4EA61F0E6031621E540DBDC9F6C54D64; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=15, max=95
Connection: Keep-Alive

Question

From Apache settings, what can cause this behavior and how should I fix this?

Lunartist
  • The redirect does not come from Apache. Configure your Backend service with the proper URL to redirect to. – Gerald Schneider May 09 '22 at 10:13
  • @GeraldSchneider The redirect path is `/fruit/apple` and the service works fine with `aaa.com.` What could cause this discrepancy? – Lunartist May 10 '22 at 00:56
  • @GeraldSchneider `aaa.com` operates on Tomcat 8.5, and `bbb.com` operates on Tomcat 8.0. Would it affect how `response.sendRedirect()` behaves? – Lunartist May 10 '22 at 03:50

2 Answers

That ProxyPassReverse directive defines the scope of the URL path(s) that Apache must correct for in back-end responses to ensure that site visitors are presented with a correct URL that matches their requests to Apache:

ProxyPassReverse "/fruit/apple" "http://localhost:20100/serviceEndpoint/fruit/apple"

The bbb.example.com response redirects to

 Location: http://localhost:20100/fruit/#!/some_controller
                                       \
                                        `- "apple" is missing . 

and therefore the Location header is not corrected for by the ProxyPassReverse directive.

That seems like either the back-end application does not create correct self-referential URLs and you need to solve that in the back-end application, or you have made an incorrect assumption and your Apache config should be:

ProxyPass "/fruit/" "http://localhost:20100/serviceEndpoint/fruit/"
ProxyPassReverse "/fruit/" "http://localhost:20100/serviceEndpoint/fruit/"
Rob
  • `aaa.com.` redirects normally to `https://aaa.com/apple/#!/some_controller`. What could make this difference? – Lunartist May 10 '22 at 00:39
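
Added example (not part of the original posts and not Apache's own code): a simplified Python model of the prefix match that ProxyPassReverse applies to a back-end Location header, run on the two Location values from the question, with a check for absolute redirects that expose an internal host to the client. The function names, the `INTERNAL_HOSTS` list and the public origin `http://bbb.com` are assumptions.

```python
# Added example: simplified model of ProxyPassReverse prefix matching.
from urllib.parse import urlsplit

# bbb.com mappings from the question: (front-end path, back-end URL prefix)
BBB_MAPPINGS = [
    ("/serviceEndpoint/", "http://localhost:20100/serviceEndpoint/"),
    ("/fruit/apple", "http://localhost:20100/serviceEndpoint/fruit/apple"),
]
# Hosts that should never reach a client (assumed list for this sketch).
INTERNAL_HOSTS = {"localhost", "127.0.0.1", "::1"}


def reverse_map(location, mappings, public_origin):
    """Rewrite a back-end Location value the way ProxyPassReverse would.

    Returns (new_location, rewritten). A value that starts with none of the
    back-end prefixes is passed through unchanged.
    """
    for path, backend in mappings:
        if location.lower().startswith(backend.lower()):
            return public_origin + path + location[len(backend):], True
    return location, False


def leaks_backend(location):
    """True when an absolute Location points at an internal host."""
    host = urlsplit(location).hostname
    return host is not None and host.lower() in INTERNAL_HOSTS


def audit(location, mappings, public_origin):
    """Return what the client receives and whether it exposes the back end."""
    sent, rewritten = reverse_map(location, mappings, public_origin)
    return {"sent": sent, "rewritten": rewritten, "leak": leaks_backend(sent)}


if __name__ == "__main__":
    samples = [
        "http://localhost:20100/fruit/#!/some_controller",  # bbb.com, from the page
        "/fruit/#!/some_controller",                         # aaa.com, from the page
        "http://localhost:20100/serviceEndpoint/login",      # constructed sample
    ]
    for s in samples:
        print(s, "->", audit(s, BBB_MAPPINGS, "http://bbb.com"))
```

The same `leaks_backend` check can be pointed at captured 3xx responses to confirm that no redirect carries a back-end host and port to the browser.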

It was a Tomcat difference. Tomcat 8.0 redirects to localhost, whereas 8.5 redirects normally.

Lunartist