Jun. 16th, 2008
Geek pop quiz!
Jun. 16th, 2008 01:31 pmApache2 server is proxying a rather stupid app off another server, such that https://apache/appname secretly and silently loads from http://stupidapp:8080/appname/, which is running Jetty. This is fine. Everything loads correctly.
However, Apache server is using https. Stupid app is http. Stupid app insists that all it's links go to http, meaning any time you click on a link on https://apache/appname it tries to take you to http://apache/appname/link. It actually uses Javascript to make sure that the rather clever Apache proxy won't fix the links for it, because it's stupid.
You can get the link you want by adding the "s" back to the URL, manually.
I want all those links to go to https://LINK automagically and without the user seeing anything.
Obvious solution: Have Apache listen to http://apache/appname/* and redirect to https://apache/appname/* - but what's the magic mod_rewrite formula to make that happen? I hate apache's documentation, and haven't found a good example yet.[1]
Obvious solution: Make the javascript app not stupid, or, rather, make it https everything instead of http. However, this is proving much harder than anticipated, because the app is really stupid. And this would also break it for internal users going directly to the http://stupidapp:8080/appname/ site. Not that I care *that* much, but I'd rather they both work.
Non-obvious solution: Anything else.
Pop quiz:How do I get this to work?
[1]: What I've been trying is this, inside the (working) http://apache/ site file:
But that doesn't work.
EDIT: Solved!
![[livejournal.com profile]](https://www.dreamwidth.org/img/external/lj-userinfo.gif)
prk pointed me at the correct syntax, and then I had a "DUH" moment when I realised my failures weren't showing in the log. Any of the logs. At all.
Because the HTTPS server isn't exposed to port 80 traffic from the outside, using it's full name. It's only visible from the inside using the local name.
Right, then.
Move the internal-only http app over to https (it doesn't HAVE to be http, it just always has been), change the site file for the internal site to be just this:
However, Apache server is using https. Stupid app is http. Stupid app insists that all it's links go to http, meaning any time you click on a link on https://apache/appname it tries to take you to http://apache/appname/link. It actually uses Javascript to make sure that the rather clever Apache proxy won't fix the links for it, because it's stupid.
You can get the link you want by adding the "s" back to the URL, manually.
I want all those links to go to https://LINK automagically and without the user seeing anything.
Obvious solution: Have Apache listen to http://apache/appname/* and redirect to https://apache/appname/* - but what's the magic mod_rewrite formula to make that happen? I hate apache's documentation, and haven't found a good example yet.[1]
Obvious solution: Make the javascript app not stupid, or, rather, make it https everything instead of http. However, this is proving much harder than anticipated, because the app is really stupid. And this would also break it for internal users going directly to the http://stupidapp:8080/appname/ site. Not that I care *that* much, but I'd rather they both work.
Non-obvious solution: Anything else.
Pop quiz:
[1]: What I've been trying is this, inside the (working) http://apache/ site file:
RewriteEngine on
RewriteRule ^appname/([^/\.]+) https://apache/appname/$1 [L]
But that doesn't work.
EDIT: Solved!
prk pointed me at the correct syntax, and then I had a "DUH" moment when I realised my failures weren't showing in the log. Any of the logs. At all.Because the HTTPS server isn't exposed to port 80 traffic from the outside, using it's full name. It's only visible from the inside using the local name.
Right, then.
Move the internal-only http app over to https (it doesn't HAVE to be http, it just always has been), change the site file for the internal site to be just this:
NameVirtualHost *:80
[VirtualHost *:80]
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://apacheservername/$1 [R,L]
[/VirtualHost]
