4 Replies Latest reply on Feb 9, 2015 2:03 PM by richard.quintin

    Wildfly 8.1 app behind reverse proxy

    richard.quintin
    richard.quintin Feb 9, 2015 9:22 AM

      I'm trying to setup jbpm behind a reverse proxy (Apache). I suspect this problem applies more generally to Wildfly than jbpm in particular.

       

      So this is what I want:

      user <--[HTTPS] --> my.domain.com/jbpm-console <-- [AJP] --> jee-server-1.com:1234/jbpm-console

       

      The problem appears to be that HttpRequest.getServerName() is returning jee-server-1.com rather than my.domain.com.

       

      This url [JBoss Web - Proxy Support HOW-TO] talks about setting proxyName in a Connector element of jboss-web.xml, but that doesn't appear to work in Wildfly 8.1.

       

      What is the correct way to configure an application running in Wildfly 8.1 behind a reverse proxy?

       

      Thanks!

        • 1. Re: Wildfly 8.1 app behind reverse proxy
          ctomc
          ctomc Feb 9, 2015 9:31 AM (in response to richard.quintin)

          so what do you use for accessing app on wildfly? http proxy or ajp proxy?

            • Actions
          • 2. Re: Wildfly 8.1 app behind reverse proxy
            richard.quintin
            richard.quintin Feb 9, 2015 9:37 AM (in response to ctomc)

            As shown above, I'm talking https to the reverse proxy, reverse proxy uses mod_proxy_ajp to talk ajp to wildfly.

             

            If it helps, this is my apache config:

            RewriteRule ^/+(jbpm-console.*) balancer://jbpm.dev/$1 [P]

            ProxyPassReverse / balancer://jbpm.dev/

            <Proxy balancer://jbpm.dev>

              BalancerMember ajp://jee-server-1.com:1234 route=jee-server-1 ping=1 min=1 smax=1 max=8 ttl=60 acquire=15 connectiontimeout=1 timeout=60

              BalancerMember ajp://jee-server-2.com:1234 route=jee-server-2 ping=1 min=1 smax=1 max=8 ttl=60 acquire=15 connectiontimeout=1 timeout=60 status=+H

            </Proxy>

              • Actions
            • 3. Re: Wildfly 8.1 app behind reverse proxy
              ctomc
              ctomc Feb 9, 2015 9:45 AM (in response to richard.quintin)

              That is strange. as when using AJP, protocol itself carries information about the originating host. so no additional configuration is required.

              But that RewriteRule looks bit odd, which might also cause problems with this.

               

              why not use ProxyPass & ProxyPassReverse

              instead of RewriteRule?

               

              see http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html

                • Actions
              • 4. Re: Wildfly 8.1 app behind reverse proxy
                richard.quintin
                richard.quintin Feb 9, 2015 2:03 PM (in response to ctomc)

                Hmm...perhaps this is a jbpm specific issue then..

                 

                I tried ProxyPass instead of RewriteRule. It had no affect.

                 

                Interestingly, if I create an ssh tunnel to the server (rather than going through the reverse proxy) it works fine.  So it appears that the app is functional and configured correctly. I just can't seem to get to it through the reverse proxy.

                  • Actions