I have OpenRefine (a webapp hosted by jetty) running on:
http://127.0.0.1:3333
Which looks like this:
Everything works perfectly.
Now I would like to tunnel this through Apache2 (for security and renaming reasons), so I changed my http.conf file and modified it like this:
ProxyPass /refine http://127.0.0.1:3333
ProxyPassReverse /refine http://127.0.0.1:3333
Now if I try to open the page through the proxy this is what I see:
It looks like all the dynamic content is not working properly. How can I solve this?
Notes:
I made sure mod_proxy is updated and working. Tested with other webapps from Tomcat.
You can use mod_proxy with OpenRefine without using virtual hosts.
I needed to do this exact same thing today. I have an SSL portal through which users must authenticate with some complicated PKI and LDAP tracking, and I need OpenRefine to be hosted behind this because of some data which it has access to. The answers to this problem given in this thread and elsewhere simply weren't acceptable, so I went through the source code expected to patch this behavior in--but I didn't have to!
I noticed that because OpenRefine runs out of a WEB-INF directory, it probably is probably built as a typical java web app. And sure enough, when I looked for how the context was being set on the server, I found this in Refine.java:
final String contextPath = Configurations.get("refine.context_path","/");
So this is what you do:
NOTE: StackOverflow won't let me write things that look like URLs because I don't have any reputation here. So when you read http:\, that really means http://.
1) In refine.ini, make sure that JAVA_OPTIONS includes "-Drefine.context_path=/refine". (It should go without saying that you changed refine.host to 0.0.0.0 instead of 127.0.0.1 and you also set refine.headless=true.) When you restart OpenRefine now, you'll access it at http:\your.refine.server:3333/refine (obviously put your server hostname in that url).
2) Now, for a simple example, we will make https:\your.apache.server/refine proxy to http:\your.refine.server:3333/refine .
In one of your httpd config files (maybe make a openrefine.conf in /etc/httpd/conf.d) put the following lines after enabling mod_proxy:
ProxyPass /refine http:\\your.refine.server:3333/refine
ProxyPassReverse /refine http:\\your.refine.server:3333/refine
The difference here is that OpenRefine is kept out of the global context, so the root of the application can be proxied. OpenRefine makes requests for resources with an absolute path, based upon how the context is set. So if you don't do this, OpenRefine will make javascript files which fall outside your proxy location, as everyone else on this thread was experiencing previously,
In real life, you might want to have mod_proxy use a load balancer over multiple OpenRefine instances and you might want to put some logic about which users are allowed to use this proxy tunnel.
Hope this helps someone else!
I also recommend that you review the undocumented Refine server properties which are also in Refine.java.
You changed the app location from http://your.server:3333/ to http://your.server/refine
You can see that a link with, for example, href="/resource.css" would no longer be valid since that resource has now moved to "/refine/resource.css". I think if you go digging through the HTML source you will find dozens of these links with absolute paths.
This configuration will break any absolute path references. The complicated way to resolve this issue is called URL rewriting, and there are in-depth tutorials for how to set up Mod-Proxy and Reverse with URL rewriting. It is complicated to explain, and easy to do wrong; instead add a VirtualHost so that absolute path links don't need rewriting.
<VirtualHost *>
ServerName refine
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://127.0.0.1:3333/
ProxyPassReverse / http://127.0.0.1:3333/
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
It's unlikely that you're going to find any absolute links to localhost:3333 so this will probably work for you. Change your /etc/hosts so that refine resolves to 127.0.0.1 and you'll be golden. You can now use refine with no problem from http://refine/.
127.0.0.1 localhost refine
If you're trying to enable access from outside hosts, a slightly more complicated setup will involve a new DNS record and should be easy to imagine from here.
Related
How to create an Htaccess which will have a specific and separate code for Localhost and Production. I mean when we work on localhost, it should be work localhost code and in Production it should be load only Production code. So that i can use one Htaccess for Local and Production and it will save lot of time. Following is the model i would like to implement. It would be much appreciate anyone can help on this. Because i spend lot of time on it and not found any good approach on this. Thanks in Advance!
<Localhost>
---localhost code goes here
---it should be only work in localhost and not at all in Production
</localhost>
<Production>
---production code goes here
---it should be only work in Production and not at all in Localhost
</Producton>
Most of the code in .htaccess should be the same on local and production. (Otherwise, how do you test it?)
However, one of the cleanest ways to separate directives between servers is to Define (requires Apache 2.4) a variable in the server config of one of the servers (eg. the development machine):
Define DEVELOPMENT
This can be defined anywhere in the server config (not .htaccess), but is always seen as global to the server, regardless of whether it is defined inside a <VirtualHost> container or not. You do not need to specify a value (2nd) argument since the <IfDefine> directive (see below) does not check this. As always, whenever you make changes to the sever config you'll need to restart Apache for the changes to take effect.
And reference this in .htaccess:
<IfDefine DEVELOPMENT>
# Local / development directives only
</IfDefine>
<IfDefine !DEVELOPMENT>
# Live / production directives only
</IfDefine>
The ! prefix tests that the variable is not defined.
Depending on what type of directives you need to contain you can use an <If> container and check something like the requested hostname (eg. staging.example.com vs www.example.com for the live site). However, <If> containers do not work the same with mod_rewrite.
Reference:
https://httpd.apache.org/docs/current/mod/core.html#define
i'm trying to implement CAS in Liferay portal. after setting configurations, when i click on signin button, it redirects me to this url :
https://sso.myuni.ac.com:8443/cas/login?service=https%3A%2F%2Flocalhost%3A8080.
my real hostname is : www.liferay.myuni.com and the port is 8443.
how can i change settings in order to liferay returns real hostname instead of localhost?
i want to liferay returens https://sso.myuni.ac.com:8443/cas/login?service=https%3A%2F%2Fliferay.myuni.com%3A8443
Are you running with an Apache in front of your tomcat (assuming you're using tomcat)? If you do (and if you use mod_proxy to forward the requests), make sure you also include
ProxyPreserveHost On
This will make sure that Tomcat has an idea what the originally requested host name is - otherwise it'll take whatever the Proxyserver sends (when installed on the same server, this is typically localhost).
Read about ProxyPreserveHost
Alternatively, check if you can declare the actual host name in Liferay's configuration, e.g. by searching for localhost in portal.properties (you'll override this in portal-ext.properties)
Edit: As you say you only use tomcat, no Apache: Please state what remote host you're actually seeing instead of the expected (and how you obtain it)
With regards to portal.properties: This is a file that is contained within one of Liferay's jars, and is not meant to be modified (that's why it's not easy to find). However, the HTML version is here, it contains a lot of configuration options. You're overriding by creating a file named portal-ext.properties in ${liferay.home}, containing only those settings that you'd like to change with regards to portal.proerties.
While our new website is under development we want to allow a small user base to look at the new site and get feedback. Our current site www.sitea.com will remain functional and available but we want them to visit www.sitea.com/v2 and have the browser maintain the url www.sitea.com/v2 but show the contents of the new site www.siteb.com is this possible?
Preferably this would be done with an .htaccess file if possible I am open to other suggestions though.
Maybe, you can use ProxyPass for this
This directive allows remote servers to be mapped into the space of the local server.
I haven't used this myself, but something like this might work
<Location "/v2/">
ProxyPass "http://www.siteb.com/"
</Location>
Unfortunately, this cannot be used in a .htaccess file. The Context lists only
Context: server config, virtual host, directory
See the manual for details.
I would like to add a IP restriction based on the URL in my htaccess file.
This way I can keep my .htaccess file inside my git repo and use the development branch for dev.domain.com and the master branch for the live website on www.domain.com.
I need 1 htaccess since the dev site is a replica of the live site. On the dev site I'd like to have IP restriction. So I need 1 htaccess that looks similar on both environments, but the behaviour of restriction only kicks in on the dev uri.
How can I achieve this?
Thanks in advance.
order deny,allow
allow from 31.24.232.0/21
allow from 127.0.0.0/20
allow from 192.168.0.0/20
deny from all
you can put this in .htaccess at document root of your subdomain. but remember to change IPs.
That is why I am looking to have 1 htaccess file which contains a 'switch' to turn on restriction based on the visiting URI.
I've been looking for the same thing for a while, but it doesn't seem to be practically possible. Apache's configuration language knows some conditional blocks, but none to do this as far as I can see.
What I have often ended up doing is specifying two different AccessFileName properties on the dev and the production server. For example, on the dev server, I would set
AccessFileName .htaccess.local
the dev server rules would then go into .htaccess.local, and the production server ones into ? htaccess.
i have a site like twitter.com on server one and on server two i have forum, which path is like domain.com/forum
on server one i wanted to implement wild card dns and put main domain on it. but on server two i wanted to keep forum separate, i cant give sub-domain forum.domain.com, because all its links are already put in search engines and link back to domain.com/forum.
so i was wondering, how can i put domain and wild card dns on server one and still able to give path on server 2 for domain.com/forum (as sub-folder).
any ideas?
do you think htaccess can do that job? if yes, then how?
You could use htaccess and mod_rewrite so domain.com/forum actually displays pages from forum.domain.com.
Maybe something like this:
Options +FollowSymLinks
RewriteEngine on
RewriteRule domain.com/forum/(.+) forum.domain.com/$1
Easy - use a proxy! If you like apache you will love apache mod_proxy for your purpose.
<VirtualHost *:80>
ServerName maindomain.com
ServerAlias *.maindomain.com
# insert document root and general settings for this domain here
# ...
ProxyPass /forum http://forumdomain.com
ProxyPassReverse /forum http://forumdomain.com
ProxyPassReverseCookieDomain forumdomain.com maindomain.com
</VirtualHost>
This configuration makes apache do a HTTP-request to your internal domain (forumdomain.com) without notifiying the users browser of the internal location. Your Forum will be accessable at http://*.yourdomain.com/forum. Cookies and headers the forum sents will get rewritten accordingly and Search-engines will not take notice of your backend-server.
You can read more about it at http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
Should you need to rewrite reference sin your html (href, src ...) you might google on "mod_proxy_html".
A solution like this could of course be build with other intelligent proxyservers like squid as well. You can use it to map any content from "backend servers" to your public domain.
Make sure routing is OK or set up a host-entry for your internal domain (forumdomain) with a internet ip-addresse 192.168 ...
Enjoy your site and give feedback how worked out :)
p.s.: a "RewriteRule" directive can potentially do the same thing for you but the rdirect will be visible (and executed) by the client unless you specify the "P", foricng it to do an internal proxy request. If available I would prefer the mod_proxy though as it is more versatile and allows for more configuration.
If you use a proxy on server 1 pointing to server2, you will increase the load on server 1, since all traffic will be routed through it. Besides, if server 1 goes down, nobody will be able to reach server 2 either. Of course it is possible though, but these things are to be considered.
I would suggest setting up a supdomain for server 2 anyway, like forum.domain.com, and on server 1 you set up a 301 redirect from domain.com/forum to forum.domain.com using mod_rewrite from htaccess. Using that technique, you can even redirect calls to specific links to their corresponding page on server 2. Search engines will follow the 301 and they will eventually update the index.
You can use a 301 redirect to make sure the search engine update their index with your new urls like so:
RewriteRule domain.com/forum/(.*) http://forum.domain.com/$1 [R=301,L]
If you've got two servers you don't really have much choice but to use a redirect (ideally a 301 Permanent redirect) to move users from domain.com/forum to forum.domain.com.
The only other way to do it would be to put a reverse proxy in front of those two servers, which reads the URL and internally directs the query to the right server, but that's then an extra piece of hardware.