Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

forward request from apache to jboss 1

Status
Not open for further replies.

cpkiran

Programmer
May 21, 2015
11
I have follwing components configured.
LoadBalancer, Apache and SSL enabled JBoss.

Lodbalancer URL: Apache URL : Jboss URL(SSL) :
When the request comes to Loadbalancer, it is forwarding the request fine to apache.
But from apache I am not able to forward the request to Jboss(SSL)

I am using below settings on httpd.conf file of apache but url is getting changed to from
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) [R,L]

I still want the generic name (emsprod.com) to be displayed on url instead of server name.
Can any one help how I can successfully forward the request to Jboss when I access LB url.
 
I still want the generic name (emsprod.com) to be displayed on url instead of server name.


Use frames not a redirect in that case.

Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.
Webmaster Forum
 
do you have any reference links to frames how I can use?
I am bit new.
 
I didn't get how frames will solve my problem.
Can you give me an example.
 
With a frameset the URL of the frame set never changes.
It is known as "Frame Forwarding" or "a frame redirect" in hosting discussions.


HTML:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "[URL unfurl="true"]http://www.w3.org/TR/html4/frameset.dtd">[/URL]
<html>
   <head>
      <title>Whatever title you want the browser to display</title>
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
      <link rel="shortcut icon" type="image/ico" href="/favicon.ico" />
   </head>
   
   <frameset rows="*,1" cols="1" framespacing="0" frameborder="no" border="0">  
      <frame name="content" src="URL_of_the_content_to_show_for_the_domain_name_in_the_frame" />
   </frameset>
   
   <noframes>
      <body>
          <!-- put HTML code for any non-frames capable user agent here -->
      </body>
   </noframes>
</html>

The above code goes in the 'index' document (index.htm, index.html, etc.) in the document root of the site.




Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.
Webmaster Forum
 
Also look into mod_jk. It's Apache's Tomcat connector, but it works great with JBoss. You can even have it balance traffic from Apache to multiple JBoss servers. Your JBoss server will be doing all the work, but your users will still be connecting to and seeing the domain emsprod.com.

Your users still hit emsprod.com, but all the content is coming from the JBoss servers.


I have a redundant load balancer sending traffic to two Apache servers, that are balancing traffic with mod_jk to three JBoss servers. I can put a bullet into any single server and still have the app up and running. (That's about as bullet proof as that app gets).
 
I am using mod_jk . Below are the settings in my worker.properties
worker.node1.port=8009
worker.node1.host=servername
worker.node1.type=ajp13

Apache connects to JBoss fine with ajp port 8009.
But I have SSL enabled on JBoss with port 8443. I am bit struggling to connect my apache to port 8443 of Jboss when I use emsprod.com.
Do you know how apache connects to port 8443 of Jboss instead of 8009 when I access emsprod.com?

 
Do you know how apache connects to port 8443 of Jboss instead of 8009 when I access emsprod.com?

Probably because this
Code:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) [URL unfurl="true"]https://servername:8443/EPC[/URL] [R,L]

Tells it to do so.


Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.
Webmaster Forum
 
Well, with mod_jk you don't do a rewrite. That redirects the browser to go directly to JBoss' HTTPS connector, and will change the address the user sees from emsprod.com. When mod_jk is used, Apache will still front-end the session, but pass it on to JBoss transparently.

You can set up the HTTP connector on JBoss with SSL (which is what you've done), but that's using an HTTPS connector on JBoss. When you use mod_jk, you're using an ajp13 connector, not HTTP or HTTPS. I don't think you can set up a mod_jk connector with SSL, but I don't think it's needed. ajp13 is a binary protocol that "supports" SSL, so you have a secure connection there (I believe).

So Apache acts as your SSL front-end, with it going to JBoss using the AJP protocol. It would look like this...

[tt][Client Browser] -> (https) -> [Load Balancer] -> (https) -> [Apache -> mod_jk] -> (ajp13) -> [JBoss][/tt]

Some links...
Apache SSL: AJP13 Protocol:
 
Instead of using HTTPS conenctor at Jboss , I tried using https at apache and to conenct to JBoss using ajp13 protocal.
That seems to like meets my requirement.
But I am getting below error in logs while trying to access URL. Do I need to do anything at Jboss to connect throught https.?
i am using the same flow you have mentioned.
[Client Browser] -> (https) -> [Load Balancer] -> (https) -> [Apache -> mod_jk] -> (ajp13) -> [JBoss]

{Exception: . sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target}
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
 
Where are you getting that error?

Are you sure Apache's SSL cert is set up correctly? Can you hit that URL directly without the loadbalancer?

 
I tried without load balancer.
I had to import the certs on cacerts under Java_Home/lib/security of Jboss.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top