0

My setup is:

  • Cas server (lets say url https://localhost:8443/cas-server/)

  • A cas-protected website hosted on a tomcat-server, running cas-client (lets say (https://localhost:4448/myApp)

  • A httpd apache2, with mod auth cas, and proxy_http, which is used as a reverse proxy. (http://localhost:80)

What I want to do, is to configure the reverse proxy to something like this:

<Location /proxyTest >
      ProxyPass https://localhost:4448/myApp
      ProxyPassReverse https://localhost:4448/myApp
</Location>

And then be able to write

https://localhost/proxyTest

instead of

https://localhost:4448/myApp

And this works well, I get redirected, I get the cas-ticket, I get authenticated etc. The PROBLEM, is that the cas-login page url shows:

https://localhost:8443/cas-server/login?service=https%3A%2F%2Flocalhost%3A4448%2Fmyapp

And after login, the url shown in my browser is:

https://localhost:4448/myApp

So the redirection doesen't work properly...somewhere along the way, I get sent back to the non-proxied URL. Most likely by the cas-client. How can I set up such a proxy to work properly, so that all of this is transparent once I got a valid ticket?

Is using tomcat's AJP involved? Or configuring and using the mysterious cas proxy callback stuff in the cas-client,that I never understood how to use? something else?

Henrik Kjus Alstad
  • 263
  • 2
  • 9

1 Answers1

1

The ProxyPassReverse directive is what rewrites the URL returned by Apache on redirects, etc. See this question for a concise explanation.

I think what you are looking for is

<Location /proxyTest>
    ProxyPass https://localhost:4448/myApp
    ProxyPassReverse https://localhost/proxyTest
</Location>

Here you are using http(s), so AJP is not involved. According to the docs, a ProxyPassReverse is not required for AJP, so you could have something like

<Location /proxyText>
    ProxyPass ajp://localhost:4448/myApp
</Location>
Community
  • 1
hgh
  • 26
  • 1