Hi Tamas, Try putting a ProxyPassReverse directive after your ProxyPass directive, like so:
ProxyPass / http://localhost:****/ ProxyPassReverse / http://localhost:****/ According to the Apache docs -- http://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxy ... This is essential when Apache httpd is used as a reverse proxy (or gateway) to avoid by-passing the reverse proxy because of HTTP redirects on the backend servers which stay behind the reverse proxy. Matthew On Tue, Jan 13, 2015 at 7:05 PM, Tamas Hegedus <[email protected]> wrote: > Hi, > > I just wanted to test if it is my code or not... > I quickstarted a test application placed behind apache with ssl. > root.py - about - redirect to data > It exhibited the same phenomenon: > https://tacml.hegelab.orgdata/ > > So I think in 2 possibilities: > 1. my apache configuration has some problem. > 2. TG has a bug > > I try to check my apache configuration tomorrow. However, it is unlikely > to be an apache problem, as it works if there is no "redirect". > I do not think that I can dig into TG... > > Thanks, > Tamas > > > On 01/13/2015 12:06 PM, Tamas Hegedus wrote: > >> I am a little bit shy to share my ugly code... :-) >> >> There are 3 fields in my login form. In my pre_login I extract the 3rd >> one (skey) and redirect to login_handler (or back to the login page) >> >> I have an extra question at the end, inserted in my code. >> >> Thanks a lot! >> >> #------------------------------------ >> # I edited the indents for readability >> >> def pre_login(self, **kw): >> >> user_name = kw.get('login',None) >> ERR = False >> >> # Check the username >> if user_name is None: >> ERR = True >> else: >> try: >> user = >> User.query.filter(User.user_name==user_name).one() >> except sqlalchemy.orm.exc.NoResultFound: >> ERR = True >> >> if ERR: >> login_counter = request.environ.get('repoze.who.logins',0)+1 >> redirect('/login', params=dict(came_from=kw['came_from'], >> __logins=login_counter)) >> >> else: >> # Check the skey - this is the 3rd field >> skey = kw.get('skey', None) >> # this is a prestored object with an encrypted >> # property (I (will) know the encryted property only for >> # this object) >> ttaj = TAJ.query.filter(TAJ.cml_id=="CML00000").one() >> ttaj.skey=str(skey) >> # decryption happens, if it is not OK then >> # the skey is not valid; go back to login >> if ttaj.taj != "000111222": >> login_counter = >> request.environ.get('repoze.who.logins', 0) + 1 >> redirect('/login', >> params=dict(came_from=kw['came_from'], >> __logins=login_counter)) >> else: >> # extra Q: I would like to store session data in file >> # but I have a key shared by specific user that >> # I do not want to appear in any file on my server. >> # Is this a good pattern? (At this moment I could have >> # "global skey" and not a dict, but for future...) >> global skeyD >> skeyD[user_name] = skey >> redirect('/login_handler', kw) >> # here I also tried return HTTPFound >> >> On 01/13/2015 11:49 AM, Moritz Schlarb wrote: >> >>> Could you please also share the relevant code from your mypre_login >>> function? >>> >>> Am 13.01.2015 um 11:41 schrieb Tamas Hegedus: >>> >>>> Hi, >>>> >>>> I have a TG application running fine as a stand alone application. >>>> TG: Current: 2.3.4 >>>> >>>> I place it behind Apache, since I need https. >>>> It works. Some of the pages. >>>> If I try to login then the redirection between the "handlers" exhibit an >>>> error: there is no "/" between the domain name and the function. >>>> >>>> login.html --> action: mypre_login which redirects to login_handler --> >>>> page is not available: https://tacml.hegelab.orglogin_handler/ in the >>>> browser >>>> >>>> I tried to redirect with 'redirect' and 'return HTTPFound' >>>> and got the same result. >>>> >>>> I can not decide whether or not this is an error in my apache >>>> configuration or something with TG. Below is my virtual host file for >>>> apache. >>>> >>>> Thanks for your help in advance, >>>> Tamas >>>> >>>> IfModule mod_ssl.c> >>>> <VirtualHost 195.111.72.57:443> >>>> ServerAdmin [email protected] >>>> ServerName tacml.hegelab.org >>>> ServerAlias tacml.hegelab.org >>>> DocumentRoot /home/****/tg23/mutdb23/mutdb23/public >>>> >>>> ProxyRequests off >>>> <Proxy *> >>>> Order deny,allow >>>> Allow from all >>>> </Proxy> >>>> ProxyPass / http://localhost:****/ >>>> ProxyPreserveHost on >>>> >>>> ErrorLog ${APACHE_LOG_DIR}/tacml-error.log >>>> LogLevel debug >>>> CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined >>>> >>>> SSLEngine on >>>> SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem >>>> SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key >>>> >>>> BrowserMatch "MSIE [2-6]" \ >>>> nokeepalive ssl-unclean-shutdown \ >>>> downgrade-1.0 force-response-1.0 >>>> BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown >>>> >>>> </VirtualHost> >>>> </IfModule> >>>> >>>> >>> > -- > You received this message because you are subscribed to the Google Groups > "TurboGears" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/turbogears. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "TurboGears" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/turbogears. For more options, visit https://groups.google.com/d/optout.
