Question

3
Replies
1558
Views
 Shekhar (AmitShekhar)

AmitShekhar Member since 2016 3 posts
Posted: January 13, 2016
Last activity: March 16, 2016
Posted: 13 Jan 2016 14:59 EST
Last activity: 16 Mar 2016 15:40 EDT
Closed
Solved

Reverse Proxy  + Custom authentication

Hello Team,

I am implementing custom authentication for a customer via reverse proxy server.

I have followed PDN article https://pdn.pega.com/how-configure-reverse-proxy-server to the required setup

System setting for ContextRewriteEnabled has been set to true in prcofig.xml

Initial request seems to go through properly but later request are not working

.         User clicks link to https://InternalPortal/prweb/App1/CustomServlet

Based on location the reverse proxy then redirects to correct pega url.

The corresponding proxy config is shown below:

<Location "/prweb/App1/">

RequestHeader set PegaRULES-SetContextURI: https://InternalPortal/prweb/App1

ProxyPass https://pega1/prweb/

ProxyPassReverse https://pega1/prweb/

ProxyPassReverseCookieDomain "pega1" "internalportal"

ProxyPassReverseCookiePath "/" "/prweb/App1/"

</Location >

 

It seems the initial request is reaching pega but somehow updates the URL to just https://internalportal/CustomServlet

Notice that the key word "/prweb/App1" gets removed at pega side.

Due to this the new URL is getting blocked by proxy server as then it becomes an invalid URL

Are we doing something incorrectly here?

System Administration
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.

Accepted Solution

Posted: 5 years ago
Posted: 22 Jan 2016 8:21 EST
Chris Koyl (ChrisKoyl)
PEGA
Client Support Engineer Senior Fellow
Pegasystems Inc.
US

Amit and I worked on this together and got this working with the following Apache mod_proxy settings:

<Location "/prweb/App1/">

ProxyPass https://pega1/prweb nocanon

ProxyPassReverse https://pega1/prweb

ProxyPassReverseCookieDomain "pega1" "internalportal"

ProxyPassReverseCookiePath "/" "/prweb/App1/"

RequestHeader set PegaRULES-SetContextURI: https://InternalPortal/prweb/App1

</Location >

The ProxyPass and ProxyPassReverse had the trailing slashes removed. Also added nocanon option to ProxyPass.

Also, we verified that the following were set:

ProxyRequests off

ProxyPerserveHost on

This was done higher in the configuration.

Patches:

7.1.8:  None  (do NOT use HFix-22433)

7.1.9:  Use Hfix-24654.  This patch prevents any X-Forwarded headers sent from load balancers or web server plugins, WebLogic plugin for example, from overriding the PegaRULES-SetContextURI.