我将pentaho docker容器合并到我们的内部基础架构中时遇到问题 .
Overview: 域代理正在侦听端口443(处理SSL和LDAP身份验证),并将流量重定向到apache反向代理(在具有覆盖网络的群中作为docker service) . 反向代理将请求重定向到pentaho容器(与反向代理相同的群集中的docker服务) .
Config: (仅相关行)域代理(不由我们管理):侦听443并重定向到反向代理docker容器反向代理:Listen 80
<VirtualHost *:80>
ServerAlias reverse-proxy
ServerName reverse-proxy
#pentaho redirect
<Location "/application/pentaho">
ProxyPass "ajp://pentaho_host:8009/application/pentaho" ttl=480
ProxyPassReverse "ajp://pentaho_host:8009/application/pentaho"
</Location>
Pentaho Container:
Pentaho使用以下设置运行更改的上下文:
system/server.properties
文件:
fully-qualified-server-url=https://example.com/application/pentaho
Tomcat config:
tomcat/conf/server.xml
:
<Connector URIEncoding="UTF-8" port="8009" protocol="AJP/1.3" redirectPort="8443"
#Without ProxyName and ProxyPort tomcat redirects all app buttons to http://localhost:8009/
ProxyName="example.com"
ProxyPort="443" />
背景变化
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Context path="/application/pentaho" debug="0" docBase="pentaho" />
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
这里的问题是,当我访问https://example.com/application/pentaho时,我得到了pentaho登录页面(https://example.com/application/pentaho/Login),并且在我使用适当的凭据登录后,我再次被重定向到相同的登录页面(使用; JSESSION 32IBN4O1I23N21OI3 ...),但是在控制台I中可以看到登录后,请求传递了j_spring_security_check(HTTP 302 OK),然后它转到https://example.com/application/pentaho/Home ....(也发现HTTP 302)然后返回登录.. .
访问日志:
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/Login HTTP/1.1" 200 7208
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/webcontext.js HTTP/1.1" 200 4472
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/content/sparkl/resources/sparkl-require-js-cfg.js HTTP/1.1" 200 1525
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/content/client-config-folder-enabler/client-config-enabler-require-js-cfg.js HTTP/1.1" 200 1019
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/js/themes.js HTTP/1.1" 200 1346
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/CacheExpirationService HTTP/1.1" 200 1161
x.x.x.x - - [21/Sep/2017:15:11:52 +0000] "POST /application/pentaho/j_spring_security_check HTTP/1.1" 302 -
x.x.x.x - - [21/Sep/2017:15:11:52 +0000] "GET /application/pentaho/Home;jsessionid=09D72F59187B02D027D4313EBDA645EA HTTP/1.1" 200 4928
x.x.x.x - - [21/Sep/2017:15:11:52 +0000] "GET /application/pentaho/Home?locale=en_US HTTP/1.1" 302 -
x.x.x.x - - [21/Sep/2017:15:11:52 +0000] "GET /application/pentaho/Login;jsessionid=B9B10CD32A3CD832C87243A5610C3B09 HTTP/1.1" 200 7301
x.x.x.x - - [21/Sep/2017:15:11:52 +0000] "GET /application/pentaho/webcontext.js HTTP/1.1" 200 4472
一遍又一遍......
你们知道这里可能配置错误吗?
1 回答
您需要添加pentaho样式的反向代理指令:
瞧! :d