squid, apache and tomcat with name based virtual hosts

Hi,

My setup is rather complex for a simple web server, but let me try
explaining it:

Squid is listening on port 80 of my IP address, configured as a non-caching
httpd accelerator. It's main purpose is to be one single access point to two
apaches: One on the same maching, the other on another machine. The
distinction between the two servers is done based on the domain name used (I
couldn't do this using DNS, due to the network structure).

The Apache on the same machine is listening on port 80 of 127.0.0.1 and
serves a few name based virtual hosts.

Now what I want to do is have one virtual host (vhosts.mindmatters.de) that
is used to connect to a tomcat server:

JkMount / ajp13 ajp13:vhosts.mindmatters.de:8009
JkMount /* ajp13 ajp13:vhosts.mindmatters.de:8009

Now I want to let other virtual hosts access the tomcat mounts. Let's say I
have a virtual host thomas.mindmatters.de and all requests should be sent to
an application "thomas" deployed on tomcat. I'd like to configure this using
a .htaccess file in the document root of this host (so that changes to the
redirection can be done by the user without reloading apache's
configuration):

RewriteEngine on
RewriteRule ^(.*) http://vhosts.mindmatters.de/thomas/$1 [P]

But with this, I get an error from squid saying that the access is denied
for http://127.0.0.1/thomas/.

What this seems to do: I access thomas.mindmatters.de, which lets apache's
mod_proxy module issue a request on vhosts.mindmatters.de/thomas. This goes
to squid again and tries to fetch it. But the request to squid must be
different thatn the request I'd send when accessing
vhosts.mindmatters.de/thomas directly, since it doesn't go through.

First I thought, this error might occur because apache doesn't change the
Host header of the HTTP request to vhosts.mindmatters.de (so that squid and
apache are able to analyse it properly), but it does.

Any hints on how I could achieve this? Thank you very much. Oh, and
redirects and authentication requests should be handled transparently as
well without exposing the domain of host2 to the client! :)

Regards,
Thomas

PS - I think, tomcat or squid aren't the problem, it's just that I'm
proxying a name based virtual host from another name based virtual host on
the same machine/apache. Are there any known problems and workarounds for
this?

Re: squid, apache and tomcat with name based virtual hosts

I'm sorry (well, actually glad!), I found a solution... it wasn't Apache,
but Squid:

The request to thomas.mindmatters.de got a via header to mark it as being
processed by a proxy. The request got to apache, which proxied it. Then the
request (with the via header) came to squid again which thought this is a
forwarding loop (which it isn't - just a two pass process) and denied it. So
I added a ProxyVia block directive in the VirtualHost and it works...

sorry for bugging you.
Cheers,
Thomas


"Thomas Jachmann" schrieb im Newsbeitrag
news:cp549t$2dg$1@sea.gmane.org...
> Hi,
>
> My setup is rather complex for a simple web server, but let me try
> explaining it:
>
> Squid is listening on port 80 of my IP address, configured as a
non-caching
> httpd accelerator. It's main purpose is to be one single access point to
two
> apaches: One on the same maching, the other on another machine. The
> distinction between the two servers is done based on the domain name used
(I
> couldn't do this using DNS, due to the network structure).
>
> The Apache on the same machine is listening on port 80 of 127.0.0.1 and
> serves a few name based virtual hosts.
>
> Now what I want to do is have one virtual host (vhosts.mindmatters.de)
that
> is used to connect to a tomcat server:
>
> JkMount / ajp13 ajp13:vhosts.mindmatters.de:8009
> JkMount /* ajp13 ajp13:vhosts.mindmatters.de:8009
>
> Now I want to let other virtual hosts access the tomcat mounts. Let's say
I
> have a virtual host thomas.mindmatters.de and all requests should be sent
to
> an application "thomas" deployed on tomcat. I'd like to configure this
using
> a .htaccess file in the document root of this host (so that changes to the
> redirection can be done by the user without reloading apache's
> configuration):
>
> RewriteEngine on
> RewriteRule ^(.*) http://vhosts.mindmatters.de/thomas/$1 [P]
>
> But with this, I get an error from squid saying that the access is denied
> for http://127.0.0.1/thomas/.
>
> What this seems to do: I access thomas.mindmatters.de, which lets apache's
> mod_proxy module issue a request on vhosts.mindmatters.de/thomas. This
goes
> to squid again and tries to fetch it. But the request to squid must be
> different thatn the request I'd send when accessing
> vhosts.mindmatters.de/thomas directly, since it doesn't go through.
>
> First I thought, this error might occur because apache doesn't change the
> Host header of the HTTP request to vhosts.mindmatters.de (so that squid
and
> apache are able to analyse it properly), but it does.
>
> Any hints on how I could achieve this? Thank you very much. Oh, and
> redirects and authentication requests should be handled transparently as
> well without exposing the domain of host2 to the client! :)
>
> Regards,
> Thomas
>
> PS - I think, tomcat or squid aren't the problem, it's just that I'm
> proxying a name based virtual host from another name based virtual host on
> the same machine/apache. Are there any known problems and workarounds for
> this?
>
>
>
>