Pentaho apache反向代理代理SSL集成-Java 学习之路

我将pentaho docker容器合并到我们的内部基础架构中时遇到问题 .

Overview: 域代理正在侦听端口443（处理SSL和LDAP身份验证），并将流量重定向到apache反向代理（在具有覆盖网络的群中作为docker service） . 反向代理将请求重定向到pentaho容器（与反向代理相同的群集中的docker服务） .

Config: （仅相关行）域代理（不由我们管理）：侦听443并重定向到反向代理docker容器反向代理：Listen 80

<VirtualHost    *:80>
    ServerAlias     reverse-proxy
    ServerName      reverse-proxy
#pentaho redirect
<Location "/application/pentaho">
    ProxyPass               "ajp://pentaho_host:8009/application/pentaho" ttl=480
    ProxyPassReverse        "ajp://pentaho_host:8009/application/pentaho"
</Location>

Pentaho Container:

Pentaho使用以下设置运行更改的上下文：

system/server.properties 文件：

fully-qualified-server-url=https://example.com/application/pentaho

Tomcat config:

tomcat/conf/server.xml ：

<Connector URIEncoding="UTF-8" port="8009" protocol="AJP/1.3" redirectPort="8443"
#Without ProxyName and ProxyPort tomcat redirects all app buttons to http://localhost:8009/
ProxyName="example.com"
ProxyPort="443" />

背景变化

<Host name="localhost"  appBase="webapps"
unpackWARs="true" autoDeploy="true">
    <Context path="/application/pentaho" debug="0" docBase="pentaho" />
    <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t &quot;%r&quot; %s %b" />
</Host>

这里的问题是，当我访问https://example.com/application/pentaho时，我得到了pentaho登录页面（https://example.com/application/pentaho/Login），并且在我使用适当的凭据登录后，我再次被重定向到相同的登录页面（使用; JSESSION 32IBN4O1I23N21OI3 ...），但是在控制台I中可以看到登录后，请求传递了j_spring_security_check（HTTP 302 OK），然后它转到https：//example.com/application/pentaho/Home ....（也发现HTTP 302）然后返回登录.. .

访问日志：

x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/Login HTTP/1.1" 200 7208
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/webcontext.js HTTP/1.1" 200 4472
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/content/sparkl/resources/sparkl-require-js-cfg.js HTTP/1.1" 200 1525
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/content/client-config-folder-enabler/client-config-enabler-require-js-cfg.js HTTP/1.1" 200 1019
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/js/themes.js HTTP/1.1" 200 1346
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/CacheExpirationService HTTP/1.1" 200 1161
x.x.x.x - - [21/Sep/2017:15:11:52 +0000] "POST /application/pentaho/j_spring_security_check HTTP/1.1" 302 -
x.x.x.x - - [21/Sep/2017:15:11:52 +0000] "GET /application/pentaho/Home;jsessionid=09D72F59187B02D027D4313EBDA645EA HTTP/1.1" 200 4928
x.x.x.x - - [21/Sep/2017:15:11:52 +0000] "GET /application/pentaho/Home?locale=en_US HTTP/1.1" 302 -
x.x.x.x - - [21/Sep/2017:15:11:52 +0000] "GET /application/pentaho/Login;jsessionid=B9B10CD32A3CD832C87243A5610C3B09 HTTP/1.1" 200 7301
x.x.x.x - - [21/Sep/2017:15:11:52 +0000] "GET /application/pentaho/webcontext.js HTTP/1.1" 200 4472

一遍又一遍......

你们知道这里可能配置错误吗？

1 回答

您需要添加pentaho样式的反向代理指令：

<Location "/application/pentaho-style">
    ProxyPass               "ajp://pentaho_host:8009/application/pentaho-style" ttl=480
    ProxyPassReverse        "ajp://pentaho_host:8009/application/pentaho-style"
</Location>

瞧！：d

回复于 2024-04-20T21:34:39+08:00

Pentaho apache反向代理代理SSL集成

1 回答

相关问题