-
-
2. Re: mod_cluster and virtual hosts
georgesberscheid Nov 5, 2012 1:02 PM (in response to jfclere)Hi Jean-Frederic,
thanks a lot for your reply. I had actually tried that before, putting UseAlias 1 at the top level of my Apache configuration, I have additionally put it into every single <VirtualHost>.
However, I must still be missing something, as they are still showing up in mod_cluster status as a single Virtual Host. Is it maybe related to the fact that I'm using HTTPS? The port 6666 has SSLEngine on as well by the way.
Thanks,
Georges
-
3. Re: mod_cluster and virtual hosts
erasmomarciano Nov 6, 2012 4:39 AM (in response to georgesberscheid)In Apache is indifferent if you use 6666 in http or https.
Have you defined the NameVirtualHost in Apache?
-
4. Re: mod_cluster and virtual hosts
georgesberscheid Nov 6, 2012 6:43 AM (in response to erasmomarciano)Hi,
yes, I have NameVirtualHost turned on in Apache.
I'm not sure however if it's really the same if you use AJP or HTTPS. I've seen in the Apache logs that whenever Apache accepts a connection on https://host1.example.com:443, it forwards it to https://192.168.1.10:8443 which is probably the address that JBoss is publishing using STATUS requests to port 6666. While all host and header information is passed transparently with AJP, this is not the case with HTTPS (e.g. client certificate information has to be copied explicitly into the request headers by Apache if you want to use them in your JBoss application). I don't know enough about the details of the implementation, but is it possible that JBoss will now only see the virtual host name 192.168.1.10 instead of host1.example.com, hence routes all requests to the default-host?
Update: If I change my /etc/hosts configuration to make host1.example.com point to 192.168.1.10 and then access https://host1.example.com:8443, the vhost-configuration works fine. I think I'll have to go for a less automated and more sophisticated method using ProxyPass and ProxyPassReverse... I'll keep you posted.
Thanks,
Georges
-
5. Re: mod_cluster and virtual hosts
jfclere Nov 6, 2012 6:49 AM (in response to georgesberscheid)while using http or https between httpd and AS you need to forward the SSL information: https://community.jboss.org/wiki/SSLModproxyForwarding
Note that with AS7 you need to put the valve in your webapp.
-
6. Re: mod_cluster and virtual hosts
georgesberscheid Nov 6, 2012 9:36 AM (in response to jfclere)Hi Jean-Frederic,
abolutely, I have the whole SSL configuration and valve and everything else that's required to use SSL client authentication working. That's not the problem. The problem is that JBoss can't see the real hostname https://host1.example.com (or https://host1.example.com), because they're all translated into https://192.168.1.10:8443 by mod_cluster (or mod_proxy).
If I understand well, mod_proxy puts the original hostname into the request header X-Forwarded-For, but the JBoss HTTPS web connector doesn't seem to care about that when selecting the virtual server to which to route the request.
Regards,
Georges
-
7. Re: mod_cluster and virtual hosts
erasmomarciano Nov 7, 2012 4:37 AM (in response to georgesberscheid)HI
I don't understand if you want to use mod_proxy or mod_cluster.
-
8. Re: mod_cluster and virtual hosts
georgesberscheid Nov 7, 2012 3:50 PM (in response to erasmomarciano)Hi,
well, mod_cluster uses mod_proxy under the hood to forward calls to JBoss. Since I'm having trouble getting mod_cluster to manage virtual hosts properly, I'll try with mod_proxy directly which is an option suggested by the mod_cluster docs: http://docs.jboss.org/mod_cluster/1.2.0/html/native.config.html#d0e545
Georges
-
9. Re: mod_cluster and virtual hosts
jfclere Nov 8, 2012 4:06 AM (in response to georgesberscheid)ProxyPreserveHost On in httpd.conf (See http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypreservehost)
-
10. Re: mod_cluster and virtual hosts
georgesberscheid Nov 8, 2012 9:32 AM (in response to jfclere)Hi Jean-Frederic,
Awesome, thanks a lot, that was indeed the missing piece to my puzzle!
Thanks,
Georges