apache mod_proxy, configuring ProxyPass & ProxyPassReverse for cross-domain ajax calls - javascript

I'm creating an html5 - JavaScript app (for mobile devices, using PhoneGap). I have to interact with a REST service.
The service is now running on "http://localhost:8080/backend/mvc/"
I'm developing my app on an wamp server (apache2) (http://localhost/stage/)
I'm using Chrome for browser.
when preforming an ajax call the browser responds: XMLHttpRequest cannot load http://localhost:8080/backend/mvc/event. Origin http://localhost is not allowed by Access-Control-Allow-Origin.
So I find several ways to circumvent this cross-domain ajax call problem:
1) starting chrome chrome.exe --disable-web-security
=> no difference
2) configuring apache using mod_proxy to redirect the traffic.
I enabled in the httpd.conf:
proxy_module
proxy_connect_module
proxy_http_module
I put a .htaccess file in the www root with the following content:
# start mod_rewrite
RewriteEngine On
ProxyRequests off
<Proxy>
Order deny,allow
Allow from all
</Proxy>
ProxyPass /EMBackend/ http://localhost:8080/backend/mvc/
ProxyPassReverse /EMBackend/ http://localhost:8080/backend/mvc/
RewriteRule ^/EMBackend/(.*)$ /backend/mvc/$1 [R]
I restarted all services (apache,php,..)
resulting in error 500
apache error log: [Tue Oct 18 14:30:11 2011] [alert] [client 127.0.0.1] C:/wamp/www/.htaccess: ProxyRequests not allowed here
Any clues on how to resolve this?

I found a working solution:
Enable:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
Put this in the main section of your configuration (or desired virtual host, if using Apache virtual hosts):
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass /EMBackend http://localhost:8080/backend/mvc
ProxyPassReverse /EMBackend http://localhost:8080/backend/mvc
<Location /EMBackend>
Order allow,deny
Allow from all
</Location>
So I guess I can't put it in .htaccess or I had to set ProxyPreserveHost On. I put Include conf/extra/ in the httpd.conf file and created the httpd-proxy.conf file and put the script above in it. Restarted apache and it's working!

You could simply add the given lines in the httpd.conf after enabling the proxy modules.
ProxyPreserveHost On
ProxyPass /EMBackend http://localhost:8080/backend/mvc
ProxyPassReverse /EMBackend http://localhost:8080/backend/mvc
Just restart the server and you are done.

In very modern apache, turn on proxy by:
a2enmod proxy;
a2enmod proxy_http

Related

Keycloak Admin Console showing a blank page

I have configured a Keycloak server with Apache at the front acting as a reverse proxy. Keycloak is running on http mode only, all the SSL is being handled by Apache. I've configured the whole system according to the official Keycloak docs.
The problem I'm facing is, on accessing the Keycloak admin console from a machine other than localhost, the page is blank (except the navbar). On accessing from the machine on which it is hosted (localhost), it works fine, but on accessing from any other machine it just shows a blank page. The server also does not throw any error. I'm attaching an image of the blank admin page below.
(source: firefoxusercontent.com)
Another thing to note would be, other pages, like my account page, are working fine. The problem is only with the main admin page. Also, I've noticed that the admin page is an Angular app, so that may be relevant.
Relevant configs and settings I'm using.
Keycloak settings (CLI commands).
embed-server --server-config=standalone.xml
/subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=proxy-address-forwarding,value=true)
/socket-binding-group=standard-sockets/socket-binding=proxy-https/:add(port=443)
/subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=redirect-socket,value=proxy-https)
Apache config.
<VirtualHost *:80>
DocumentRoot /var/www/html
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
Redirect permanent '/' https://%{HTTP_HOST}
</VirtualHost>
<VirtualHost *:443>
DocumentRoot /var/www/html
ProxyPreserveHost On
ProxyRequests Off
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
ProxyPass /auth http://127.0.0.1:8080/auth
ProxyPassReverse /auth http://127.0.0.1:8080/auth
SSLEngine on
SSLCertificateFile /etc/ssl/certs/oauth-server.crt
SSLCertificateKeyFile /etc/ssl/private/oauth-server.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>

Node.js doesn't serve page on proxy pass from apache

I've found similar questions on Stack and other forums but no working answers.
I have a node.js chat server running on port 3000 of my local machine, and an Apache server running on port 80. They both work as expected: browsing to localhost gives me Apache, and localhost:3000 gives me the node app. However, when I set up a ProxyPass directive to make the nodejs app accessible from localhost/node, like this...
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName localhost
ProxyPass /node http://localhost:3000/
ProxyPassReverse /node http://localhost:3000/
</VirtualHost>
... the page loads, but the server isn't processing the page. It renders, but node doesn't work.
Notably, the following configuration allows me to access the node server on port 80 for all traffic, but isn't what I want to achieve.
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName localhost
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
</VirtualHost>

node.js on apache server shows only raw html

I've recently been dealing with node.js server atop of apache2. I managed to configure apache virtualhost with the following code:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName www.mydomain.com
ProxyRequests off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location /gp>
ProxyPass http://localhost:3000/
ProxyPassReverse http://localhost:3000/
</Location>
</VirtualHost>
It actually displays the raw html backbone (no css or frontend js) if I go to mydomain.com/gp, which is a success already, yet I do not understand why there is no css or any styles whatsoever. Could it be the problem I don't have my node files in /var/www/html but in e.g. ~/user/nodeApp?
Is there anything else I can to to fix this?
Thank you very much.

hiding port number through .htaccess node.js express

I am running two node servers on my website. 1 is a socket.io server for live streaming data on the main site and the other is streaming JSON data to a sub-domain api.site.com.
my main node is running on port 8001 and the second is running on 8080. I have been able to hide the port number for the first one in .htaccess using
RewriteCond %{SERVER_PORT} 8001
but am struggling to hide the 8080 port.
If I add in RewriteCond %{SERVER_PORT} 8080 and go to my api location api.site.com/prices/all I get 404 not found error and if I go to api.site.com:8080/prices/all everything still works.
How can I hide the port so api.site.com/prices/all works?
This is also slightly linked to my other question: here where I want to deny other .get attempts so api.site.com/price wont work.
You can put your config directly in the domain.conf folder the following works for me every time. Port here is 8888 change customise that and the domain to your settings.
<VirtualHost *:80>
ServerName mydomain.foobar
ServerAlias mydomain.foobar
ServerAdmin info#lakes.world
DocumentRoot /path/to/mydomain.foobar/httpdocs
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyPreserveHost On
ProxyRequests Off
ProxyPass / http://mydomain.foobar:8888/
ProxyPassReverse / http://mydomain.foobar:8888/
</VirtualHost>

importing certificates into firefox trusted root CAs programmaticaly by javascript

I'm developing a webrtc application with sipml5 in firefox.
firefox does not allow unsecure connection from secure origin.
I have created a self signed certificate for my Communication server Asterisk (Secure websocket serving sipml5). But every time i want to login to to asterisk from my sipml5 page i should open a tab, write "wss://myAsteriskURL:8088" to add a security exception for my asterisk websocket connection.
Can any body show me a way to programaticaly add my my "ca.cert" to Firefox's "TRUSTED ROOT Certificate Authorities" with javaxcript code?? if actually a way exists!
Thank you
No, it's not possible to inject your ca.cert inside browsers trusted root certificate authorities with js.
But I can tell you that I had exactly the same problem: users can't be asked to accept two times the same certificate to use a web page, and I solved in another way: using mod_proxy_wstunnel in Apache/2.4.20.
Now showing a single https server to provide web pages and sip signaling the user is required to accept just a single certificate.
Here is the relevant part of the config:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
<VirtualHost *:443>
DocumentRoot ...
ServerName clic2call.demo.sociale.it:443
ErrorLog ...
TransferLog ...
SSLEngine on
...
SSLProxyCheckPeerName off
SSLProxyEngine On
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
SSLProxyVerify none
ProxyPass /ws wss://127.0.0.1:8088/ws retry=0
</VirtualHost>
I hope it can be useful to solve your problem.

Categories