For what it's worth, figured I'd update everyone once again. I got this to
work with Oracle Application server by configuring my httpd.conf file like
the below...obviously I tweaked it a bit for my application. Basically it
was the certheaders module that allowed it to simulatehttps. Pretty sure
this is specific to Oracle HTTP Server, which is based on Apache with some
extras. I believe the same can be done with standard Apache, it just
requires patching to be able to use the mod_urlscheme -
http://rmc.home.xs4all.nl/mod_urlscheme.html
Listen 4430
# SSL on the front-end (terminating there) requires certain responses.
# Load correct module before the VirtualHost configuration:
# UNIX:
# LoadModule certheaders_module libexec/mod_certheaders.so
# WINDOWS (two lines):
# LoadModule certheaders_module modules/ApacheModuleCertHeaders.dll
# AddModule mod_certheaders.c
# Important: AddModule line is best included with other AddModule
NameVirtualHost *:4430
<VirtualHost *:4430>
# Front-end name
ServerName www.company.com
# Front-End Port
Port 443
# SSL on the front-end (terminating there) requires certain
responses.
# (See LoadModule and AddModule lines above)
AddCertHeader HTTPS
# For use with other load balancers and front-end devices:
SimulateHttps On
# Applications such as SSO and Portal will require the following:
RewriteEngine On
RewriteOptions inherit
</VirtualHost>
On Tue, Jul 26, 2011 at 9:22 AM, Heiko Schlittermann
<[email protected]>wrote:
> Hall Barricklow <[email protected]> (Tue Jul 26 15:57:01 2011):
> > OK- just to update, I figured out how to get it to work with my weblogic
> > instance. I had to add a header:
> >
> > AddHeader "WL-Proxy-SSL: true"
> >
> > Now if only I could find out the equivalent header to add for Oracle
> > Application server(which is nothing but Apache HTTP) and Oracle Portal
> > Server(which I also think is nothing but Apache HTTP).
>
> IMHO it is part of the application logic, not part of the webserver used
> for servicing the requests. The webserver just passes the protocol
> information to the application. (MAY be, somebody can write an apache
> mod for faking this protocol information. Writing this: MAY be
> mod_rewrite with it's endless magic could even do this. I think(!), it's
> just the content of some environment variables you need to set…)
>
> Plan A) find a config option in your application for telling the
> "external" URL used to access it
>
> PLAN B) find the source of your application and fix the source
> "may the source be with you" ☺
>
> PLAN C) read about mod_rewrite, if it is possible to lie about
> the used protocol (by setting/changing some ENV variables)
>
> PLAN D) use pound for proxying HTTPS to HTTPS …
>
> PLAN E) do not use pound at all - if you need load balancing,
> check out LVS (linux virtual server) or check Linux
> iptables -m cluster (load balancing w/o load balancer)
>
>
> … or re-order/extend the plans as you want ;-)
>
> --
> Heiko :: dresden : linux : SCHLITTERMANN.de
> GPG Key 48D0359B : 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iEUEARECAAYFAk4uzYsACgkQ7k6smEjQNZs1CwCXRzguE86wFNc1rXK4ConE/rh6
> XACgsW9MTLQXqkYnDqQDyHynhy+HRUI=
> =/EKR
> -----END PGP SIGNATURE-----
>
>
