[英]Fronting Tomcat with Apache HTTP Server
Apache Tomcat server.xml: Apache Tomcat server.xml:
<!-- A "Connector" using the shared thread pool-->
<!--
<Connector executor="tomcatThreadPool"
port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
-->
<!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
This connector uses the NIO implementation that requires the JSSE
style configuration. When using the APR/native implementation, the
OpenSSL style configuration is required as described in the APR/native
documentation -->
<!--
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" address="127.0.0.1" enableLookups="false" protocol="AJP/1.3" redirectPort="8443" />
Apache Http Server httpd.conf : Apache Http服务器httpd.conf:
cd /path/to/apache/config
cd /路径/到/ apache / config
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
ProxyRequests Off
<Proxy *>
Order deny,allow
Deny from all
Allow from localhost
</Proxy>
ProxyPass / ajp://127.0.0.1:8009/ retry=0
ProxyPassReverse / ajp://127.0.0.1:8009/ retry=0
When i do http://[ip]/[app_name] i have this error: 当我执行http:// [ip] / [app_name]时,出现以下错误:
Forbidden
禁止的
You don't have permission to access /[app_name] on this server.
您无权访问此服务器上的/ [app_name]。
Why ? 为什么呢
Your configuration states 您的配置状态
<Proxy *>
Order deny,allow
Deny from all
Allow from localhost
</Proxy>
Guess the meaning of Deny
and Allow
. 猜测“
Deny
和“ Allow
的含义。 Your configuration should work if you are coming from the same server and use localhost
as your address. 如果您来自同一服务器,并且使用
localhost
作为地址,则您的配置应该可以正常工作。 Careful if you use the IP address: Often localhost
is no longer mapped to 127.0.0.1
, but to ::1
, its IPV6 equivalent. 如果您使用IP地址,请当心:通常
localhost
不再映射到127.0.0.1
,而是映射到::1
,相当于IPV6。
Edit: Remove this block and try if it works then. 编辑:删除此块,然后尝试如果它然后工作。
Note that Stackoverflow is for programming related questions, this is rather server administration, so it might be better on https://serverfault.com/ - I'm voting to transfer it over to that site. 请注意,Stackoverflow用于编程相关的问题,这是服务器管理,所以在https://serverfault.com/上可能会更好-我投票将其转移到该站点。 There people might be able to go further - eg give hints to not open up a reverse proxy for everybody everywhere on the internet.
人们也许可以走得更远-例如,提示不要为互联网上每个地方的每个人打开反向代理。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.