[英]Apache Virtual Host proxypass not working for root url in HTTPS
I wrote these Virtual Host entries for force https and to proxy the requests to a embed tomcat running at local 8080 for a Java Spring JSF app. I wrote these Virtual Host entries for force https and to proxy the requests to a embed tomcat running at local 8080 for a Java Spring JSF app. It works fine for subdirectories like
https://my.site.com/something.jsf
but not to root https domain https://my.site.com
, that gots redirect to just index.html
(with no domain prefix). It works fine for subdirectories like
https://my.site.com/something.jsf
but not to root https domain https://my.site.com
, that gots redirect to just index.html
(with no domain prefix).
For http request http://my.site.com
it is correctly redirect to https with no issues.对于 http 请求
http://my.site.com
它正确地重定向到 Z5E056C500A1C4B6A7110B 没有问题。
When I had just *:80
with the same proxypass it worked just fine.当我只有
*:80
和相同的 proxypass 时,它工作得很好。
<VirtualHost *:80>
ServerName my.site.com
RedirectPermanent / https://my.site.com/
</VirtualHost>
<VirtualHost *:443>
ServerName my.site.com
ServerAlias my.site.com
ProxyPreserveHost On
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
SSLEngine On
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
</VirtualHost>
httpd access_log: httpd 访问日志:
https requests to root produces this log line: https 对 root 的请求会产生以下日志行:
201.8.25.80 - - [12/Feb/2021:14:37:21 -0300] "GET / HTTP/1.1" 302 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36"
No error is reported in httpd error_log . httpd error_log没有报错。
Tomcat log: Tomcat 日志:
I got this stacktrace in the application log, but I'm not sure that is related, cause is's not logged everytime that root https is called.我在应用程序日志中得到了这个堆栈跟踪,但我不确定这是否相关,因为每次调用 root https 时都没有记录。
INFO 3093 --- [http-nio-8080-exec-3] o.apache.coyote.http11.Http11Processor : Error parsing HTTP request header
Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.
java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986
at org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:479) ~[tomcat-embed-core-8.5.34.jar!/:8.5.34]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:684) ~[tomcat-embed-core-8.5.34.jar!/:8.5.34]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) ~[tomcat-embed-core-8.5.34.jar!/:8.5.34]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806) ~[tomcat-embed-core-8.5.34.jar!/:8.5.34]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498) ~[tomcat-embed-core-8.5.34.jar!/:8.5.34]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-8.5.34.jar!/:8.5.34]
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[na:na]
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[na:na]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-8.5.34.jar!/:8.5.34]
at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]
I'm looking for possible solutions and reasons for this behavior for days, and got nothing... If someone can help, I'll be grateful.几天来,我一直在寻找这种行为的可能解决方案和原因,但一无所获……如果有人可以提供帮助,我将不胜感激。
I didn't discover why the requests to root in https was being wrong redirected.我没有发现为什么 https 中的 root 请求被错误重定向。 But it's been solved by adding a
<LocationMatch>
that match to root and redirect to index.jsf
, keeping the proxy directives, like so:但它已通过添加与根匹配并重定向到
index.jsf
的<LocationMatch>
来解决,保留代理指令,如下所示:
<VirtualHost *:443>
ServerName my.site.com
SSLEngine On
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
<LocationMatch "^/?$">
Redirect / /index.jsf
</LocationMatch>
ProxyPreserveHost On
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
</VirtualHost>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.