OK, you have created a great web application and now you want to expose it to the world, or perhaps a limited subset of it. You probably don't want to allow full access to your application server so you need a proxy.
The apache proxy module (mod_proxy) can be used with a simple configuration like below:
<IfModule mod_proxy.c>
<Proxy *>
Order allow,deny
Allow from all
SSLRequireSSL
</Proxy>ProxyPass /mycontext/ http://localhost:8080/mycontext/
ProxyPassReverse /mycontext/ http://localhost:8080/mycontext/</IfModule>
The above configuration ensures that SSL is used when communication with the web application, but the SSL is handled by Apache. The Java application server does not need any SSL setup.
The ProxyPass directive instructs Apache to redirect all requests starting with /mycontext/ to a locally installed application server whose built in HTTP server listens on port 8080. This port should not be open in the firewall. Don't forget the slash after the context path. It ensures that Apache will not forward requests to other contexts that starts with the same letters.
The ProxyPassReverse line is important if you use form based login. After successful login, the application server will send a response to the browser with a redirection to the page requested. Since the application server knows nothing about the proxy, it will redirect to a URL starting with http://localhost:8080/mycontext/. We want such a redirection to be translated to a URL that the client can access.
Put the above in a file called proxy.conf and place the file in Apache's conf.d directory, then restart Apache.
Add new comment