hi everyone!
i'm playing around with proxying since i need to get a lenya site out
and i figured it could use some testing before the release.
proxying the live site works nicely, but ssl-proxying the authoring area
does not work at all.
in my apache virtual host configuration, i do this:
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://localhost:8888/mypub/live/
ProxyPassReverse / http://localhost:8888/mypub/live/
as you can see, i'm using a jetty on localhost and an apache on the outside.
works like a charm.
the pain starts when using ssl: as you may know, it is not possible to
have name-based virtual ssl hosts, because you can only have one ssl
certificate and alternative vhost names would not match the server name
in that certificate. so i need to redirect all publications to my
default ssl server:
<VirtualHost "88.198.247.82:443">
...
SSLEngine on
...
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass /cms/mypub/ http://localhost:8888/mypub/authoring/
ProxyPassReverse /cms/mypub/ http://localhost:8888/mypub/authoring/
</VirtualHost>
as you see, sub-directories come into play.
my lenya publication is configured as follows:
<proxies>
<proxy area="live" ssl="true" url="https://mypub.com/"/>
<proxy area="live" ssl="false" url="http://mypub.com/"/>
<proxy area="authoring" ssl="true"
url="https://mysslserver.net/cms/mypub/"/>
<proxy area="authoring" ssl="false"
url="http://mysslserver.net/cms/mypub/"/>
</proxies>
now when i request a page from authoring by pointing my browser at
https://mysslserver.net/cms/mypub/, i get a login usecase, but no
styling at all. after logging in, i get a text-only version of the lenya
gui.
interestingly, stuff goes wrong in several different ways:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";>
<html xmlns="http://www.w3.org/1999/xhtml";>
<head>
<title>Apache Lenya | fairsolution | authoring | /index.html |
Home</title>
<script src="/lenya/menu/menu.js" type="text/javascript"> </script>
<link href="/lenya/css/menu.css" rel="stylesheet" type="text/css" />
<link rel="icon" href="/favicon.ico" type="image/ico" />
gui-specific links do not take the proxy settings into account.
<link
href="http://mysslserver.net/cms/mypub//index/introspection.xml";
type="application/neutron+xml" rel="neutron-introspection" />
<link type="text/css"
href="http://stackingdwarves.net/cms/fairsolution//css/fair-solution.css";
rel="stylesheet" />
<link type="text/css"
href="http://stackingdwarves.net/cms/fairsolution//css/xhtml.css";
rel="stylesheet" />
these links almost work, except for the protocol (should be https, my
server does not serve that content on port 80 unencrypted). seems
related to a bug reported by richard:
http://issues.apache.org/bugzilla/show_bug.cgi?id=42050
<...>
<div id="sidebar">
<ul id="nav">
<li>
<a class="active" href="index.html">Home</a>
</li>
<li>
<a href="unternehmen.html">Unternehmen</a>
</li>
<li>
<a href="leistungen.html">Leistungen</a>
</li>
<li>
<a href="projekte.html">Projekte</a>
</li>
<li>
<a href="kontakt.html">Kontakt</a>
</li>
</ul>
this is the lenya-generated navigation. it seems to be totally oblivious
to the proxy settings.
before i hit bugzilla: how is proxying supposed to work? am i making
obvious configuration mistakes or do i demand stuff it wasn't designed for?
before you ask: yes, all the reported problems can be reproduced with
the default publication.
any comments appreciated.
regards,
jörn
--
Jörn Nettingsmeier
Kurt is up in heaven now.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
