[jetty-users] Virtual host proxy problems

Tue, 26 Dec 2017 09:06:07 -0800 

Hi folks,
I have a Jetty (9.4.6) SSL server which uses virtual hosts. The server listens on port 8443, and I use iptables to redirect incoming connections on 443 to the server at 8443. Port 443 is the only one open to the outside world. 


There are two webapps: one is my primary webapp, which responds to 
127.0.0.1, 192.168.1.200 (the first network adapter's internal IP) and 
my primary domain name (say, www.foo.com). The other is a very simple 
proxy servlet which responds to requests directed to 127.0.0.2, 
192.168.1.201 (the second network adapter's IP), and my secondary domain 
name (say, www.bar.com).



The proxy servlet is a simple derivation of ProxyServlet, which 
redirects all incoming requests to a secondary server listening on port 
8888 by overriding rewriteTarget() like this:


  protected String rewriteTarget (HttpServletRequest request) {
    String url = request.getRequestURL().toString();
    String fwd = url.replaceFirst("https://(.*?)(:\\d+)/",
                                  "http://127.0.0.1:8888/";);
    return fwd;
  }


Thus, any incoming HTTPS request get converted to an equivalent request 
to http://127.0.0.1:8888/.


What actually happens is as follows:


1) Running a browser on the server machine: Requests to 
https://127.0.0.1:8443, https://192.168.1.200:8443 both go to the 
primary webapp as expected. Requests to https://127.0.0.2:8443, 
https://192.168.1.201:8443 both go to the secondary server on port 8888 
as expected.



2) From another machine on the local network: Requests to 
https://192.168.1.200:8443 go to the primary webapp as expected. 
Requests to https://192.168.1.201:8443 go to the secondary server on 
port 8888 as expected.



3) Requests to https://www.foo.com go to the primary webapp as expected. 
Requests to https://www.bar.com result in an empty 502 response ("Bad 
Gateway").


Can anyone suggest what might be going wrong here in case (3)?

Thanks,
--
John English
_______________________________________________
jetty-users mailing list
jetty-users@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from 
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users






















					Reply via email to