Hrrmmmm.....

And now it seems to have resolved itself. I honestly don't know what fixed 
it.

On Wednesday, December 5, 2012 6:31:48 PM UTC-6, Brian Lewis wrote:
>
> Hello All,
>
> I've been racking my brain on this for a couple of days and figured I'd 
> post here before I refactor my entire setup. Basically what we are doing 
> is, we have two servers - one is a standard apache web node that acts as a 
> proxy server and terminates SSL, then we have reviewboard being proxied 
> behind that. 
>
> I've got everything setup and working with the exception of one piece. I 
> can upload a diff, I can add titles, descriptions, reviewers, etc. Tracing 
> the requests I can see that https is being returned as the request URL, 
> HOWEVER, when you go to publish a review, we get a 304 error and the 
> request URL is a non-https link. 
>
> I'm doing the rewriting from the web node directly, with a mod_rewrite 
> specifically calling out that its proxied (but changing or completely 
> removing the options doesn't make any difference) For reference, here's the 
> rewrite :: 
>
>  RewriteCond %{HTTPS} off
>  RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,P,PT,L]
>
>
> When I click on publish, essentially I see two requests (and nothing at 
> all in the debug logs, etc)  The first :: 
>
> Request 
> URL:*https://reviewboard.boku.com/reviews/api/review-requests/189/?api_format=json
>  
> <https://reviewboard.boku.com/reviews/api/review-requests/189/?api_format=json>*
> Request Method:GET
> Status Code:304 NOT MODIFIED
> Request Headersview source
> Accept:application/json, text/javascript, */*
> Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
> Accept-Encoding:gzip,deflate,sdch
> Accept-Language:en-US,en;q=0.8
> Cache-Control:max-age=0
> Connection:keep-alive
> Cookie:rbsessionid=bbf077166394571eaaf514053e6c4691; 
> __utma=109258518.568604164.1352840613.1352938162.1354736370.4; 
> __utmc=109258518; __utmz=109258518.1352929269.2.2.utmcsr=google|utmccn=(
> organic)|utmcmd=organic|utmctr=(not%20provided); csrftoken=
> b6dec71b9219e2090d9d98acf203e1f4
> Host:reviewboard.boku.com
> If-Modified-Since:Wed, 05 Dec 2012 22:02:11 GMT
> Referer:https://reviewboard.boku.com/reviews/r/189/
> User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) 
> AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
> X-Requested-With:XMLHttpRequest
> Query String Parametersview URL encoded
> api_format:json
> Response Headersview source
> Cache-Control:max-age=0
> Connection:close
> Date:Thu, 06 Dec 2012 00:12:46 GMT
> Expires:Thu, 06 Dec 2012 00:12:48 GMT
> Server:Apache/2.2.15 (CentOS)
> Vary:Accept,Cookie,Accept-Language
>
> The second :: 
>
>
> Request 
> URL:*http://reviewboard.boku.com/reviews/api/review-requests/189/draft/ 
> <http://reviewboard.boku.com/reviews/api/review-requests/189/draft/>*
> Request Method:OPTIONS
> Status Code:200 OK
> Request Headersview source
> Accept:*/*
> Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
> Accept-Encoding:gzip,deflate,sdch
> Accept-Language:en-US,en;q=0.8
> Access-Control-Request-Headers:origin, x-requested-with, content-type, 
> accept
> Access-Control-Request-Method:PUT
> Connection:keep-alive
> Host:reviewboard.boku.com
> Origin:https://reviewboard.boku.com
> User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) 
> AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
> Response Headersview source
> Allow:GET,HEAD,POST,OPTIONS
> Connection:close
> Content-Length:0
> Content-Type:text/plain; charset=UTF-8
> Date:Thu, 06 Dec 2012 00:12:48 GMT
> Server:Apache
>
>
> literally every other request comes in via HTTPS, clicking on links, 
> performing actions, etc. the ONLY thing that fails is publishing. I'm not 
> sure what to do next at this point so I wanted to see if anyone had ever 
> run into this. Below I will also paste the apache config for the proxy/ssl 
> term server and the web head for comparison. 
>
>
> SSL Proxy :: 
>
> <VirtualHost 192.168.200.124:443>
>
>   ServerName reviewboard.COMPANYNAME.com 
> <http://reviewboard.companyname.com/>
>
>   SSLEngine on
>
>   SSLProtocol all -SSLv2
>
>   SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
>
>   SSLCertificateFile /etc/pki/entrust-certs/
> star.COMPANYNAME.com/star.COMPANYNAME.com.crt 
> <http://star.companyname.com/star.COMPANYNAME.com.crt>
>
>   SSLCertificateKeyFile /etc/pki/entrust-certs/
> star.COMPANYNAME.com/star.COMPANYNAME.com.key 
> <http://star.companyname.com/star.COMPANYNAME.com.key>
>
>   SSLCACertificateFile /etc/pki/entrust-certs/
> star.COMPANYNAME.com/star.COMPANYNAME.com_bundle.crt 
> <http://star.companyname.com/star.COMPANYNAME.com_bundle.crt>
>
> #  SSLCertificateFile /etc/pki/tls/certs/COMPANYNAME.com.crt
>
> #  SSLCertificateKeyFile /etc/pki/tls/certs/COMPANYNAME.com.key
>
> #  SSLCACertificateFile /etc/pki/tls/certs/gd_bundle.crt
>
>
>   # Default to not cache anything
>
>   ExpiresActive On
>
>   ExpiresDefault "access plus 0 seconds"
>
>
>   # Cache just images
>
>   ExpiresByType image/gif "access plus 10 minutes"
>
>   ExpiresByType image/jpg "access plus 10 minutes"
>
>   ExpiresByType image/png "access plus 10 minutes"
>
>
>   proxyPreserveHost On
>
>   ProxyRequests On
>
>
>   ProxyPass / http://reviewboard01.local-COMPANYNAME.net:8080/ 
> <http://reviewboard01.local-companyname.net:8080/>
>
>   ProxyPassReverse / http://reviewboard01.local-COMPANYNAME.net:8080/ 
> <http://reviewboard01.local-companyname.net:8080/>
>
>   <Location />
>
>     ProxyPassReverse /
>
>     Order deny,allow
>
>     Allow from all
>
>   </Location>
>
>   RequestHeader edit Location ^http://reviewboard.COMPANYNAME.com/ 
> <http://reviewboard.companyname.com/> https://reviewboard.COMPANYNAME.com/ 
> <https://reviewboard.companyname.com/>
>
>
>   CustomLog /var/log/httpd/reviewboard.COMPANYNAME.com-access.log common
>
>   ErrorLog  /var/log/httpd/reviewboard.COMPANYNAME.com-error.log
>
> SetEnv HTTPS on 
>
>
> </VirtualHost>
>
>
> <VirtualHost *:80>
>
>   ServerName reviewboard.COMPANYNAME.com 
> <http://reviewboard.companyname.com/>
>
>   #RewriteEngine on
>
>
>   # Rewrite traffic back to https://reviewboard.COMPANYNAME.com 
> <https://reviewboard.companyname.com/>
>
> #  RewriteCond %{SERVER_NAME}    reviewboard.COMPANYNAME.com 
> <http://reviewboard.companyname.com/>
>
> #  RewriteCond %{HTTPS} !=on
>
> #  RewriteRule ^/(.*)$ https://reviewboard.COMPANYNAME.com/$1 
> <https://reviewboard.companyname.com/$1> [R=301,PT]
>
>
>  RewriteCond %{HTTPS} off
>
>  RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,P,PT,L]
>
>
>   CustomLog /var/log/httpd/reviewboard.COMPANYNAME.com-access.log common
>
>   ErrorLog  /var/log/httpd/reviewboard.COMPANYNAME.com-error.log
>
> SetEnv HTTPS on 
>
> </VirtualHost>
>
>
>
> Web Node/Node running Reviewboard 
>
>
> Listen 8080
>
> <VirtualHost *:8080>
>
> SetEnv HTTPS on
>
> ServerName reviewboard01.local-COMPANYNAME.net 
> <http://reviewboard01.local-companyname.net/>
>
> DocumentRoot "/var/www/reviewboard/htdocs"
>
> #LogLevel debug
>
> # Error handlers
>
> ErrorDocument 500 /errordocs/500.html
>
>
> WSGIPassAuthorization On
>
> WSGIScriptAlias "/reviews" 
> "/var/www/reviewboard/htdocs/reviewboard.wsgi/reviews"
>
> <Directory "/var/www/reviewboard/htdocs">
>
> AllowOverride All
>
> Options -Indexes FollowSymLinks
>
> Allow from all
>
> </Directory>
>
>
> # Alias static media requests to filesystem
>
> Alias /reviews/media "/var/www/reviewboard/htdocs/media"
>
> Alias /reviews/errordocs "/var/www/reviewboard/htdocs/errordocs"
>
> Alias /reviews/favicon.ico 
> "/var/www/reviewboard/htdocs/media/rbcommons/images/favicon.png"
>
>
> Any help here would be greatly appreciated! 
>
>
> Best,
>
> Brian
>

-- 
Get the Review Board Power Pack at http://www.reviewboard.org/powerpack/
---
Sign up for Review Board hosting at RBCommons: https://rbcommons.com/
---
Happy user? Let us know at http://www.reviewboard.org/users/
--- 
You received this message because you are subscribed to the Google Groups 
"reviewboard" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to reviewboard+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to