我想要实现的目标:
浏览器 - > Apache(https) - > Sonarqube(http)
问题:
Sonar的位置标题是http:// ..,所以访问 https://trm.tine.no/sonar 重定向到 http://trm.tine.no/sonar
我已经完成了标准反向代理基础设施的说明,如下所述: http://docs.sonarqube.org/display/SONAR/Running+SonarQube+Over+HTTPS
ProxyPreserveHost On
ProxyRequests Off
..
.. SSL config goes here
..
RequestHeader set X-Forwarded-Proto "https"
#SONAR related configurations
AllowEncodedSlashes NoDecode
ProxyPass /sonar http://<my.ip>:9000/sonar disablereuse=On nocanon
ProxyPassReverse /sonar http://<my.ip>:9000/sonar
我通过代理Nexus(它也依赖于X-Forwarded-Proto)来验证X-Forwarded-Proto标头,这可以按预期工作。
curl确认Location标头为http,而不是https curl -I https ://trm.tine.no/sonar
HTTP/1.1 302 Found
Date: Wed, 21 Oct 2015 13:49:39 GMT
Server: Apache-Coyote/1.1
Location: http://trm.tine.no/sonar/
Transfer-Encoding: chunked
想知道我可能会遗漏什么,或者这是否是一个真正的错误?
运行Sonarqube 5.1.1
解决方案
来自@kraal的建议解决方案对我们没有任何影响,但是如果你附加/它的URI它可以工作。
E.g。
curl -I https://trm.tine.no/sonar
HTTP/1.1 302 Found
Date: Thu, 22 Oct 2015 10:53:23 GMT
Server: Apache-Coyote/1.1
Location: http://trm.tine.no/sonar/
Transfer-Encoding: chunked
正如我们所看到的,Location仍然设置为http,但以下工作(注意/在结尾处)
curl -I https://trm.tine.no/sonar/
HTTP/1.1 302 Found
Date: Thu, 22 Oct 2015 10:53:25 GMT
Server: Apache-Coyote/1.1
Cache-Control: no-cache
Location: https://trm.tine.no/sonar/sessions/new
X-Frame-Options: SAMEORIGIN
Content-Type: text/html;charset=utf-8
Content-Length: 104
Set-Cookie: JSESSIONID=A8B19F73D93B35BCA24F019EEB848666; Path=/sonar/; HttpOnly
因此,当Sonar重定向到/ sonar / sessions / new(登录页面)时,似乎会发生一些事情,其行为与/ sonar / to / sonar不同
将/附加到URI是一种适用于我们的解决方法。
答案 0 :(得分:1)
问题可能是由于您的ProxyPassReverse。以下是我们配置的摘录(使用apache&lt; 2.2.18):
<VirtualHost *:443>
# https and port are specified in order to make sure that the server generates the correct
# self-referential URLs.
ServerName https://visiblehost:443
# ... SSL and other configuration here
# ProxyRequests must be set to "off" as we use Apache as a reverse proxy.
ProxyRequests Off
# ProxyPreserveHost must be set to "on" in order to pass the Host: line from the incoming request to the
# proxied host, instead of the hostname specified in the ProxyPass line.
ProxyPreserveHost On
# AllowEncodedSlashes must be set to "on" in order to preserve urls built by SonarQube which include
# encoded slashes. Once we upgrade to Apache 2.2.18, the property will need to be set to "NoDecode".
AllowEncodedSlashes On
# Some RequestHeaders must be set in order for the headers to have the right value required for https
# communications.
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
# ProxyPass defines that Apache communicates with SonarQube using ajp protocol
# and that no canonalization has to be done.
# ReverseProxyPass defines that https communications are only done between client
# and Apache.
ProxyPass /sonar ajp://hiddenhost:port/sonar nocanon
ProxyPassReverse /sonar https://visiblehost/sonar
</VirtualHost>
正如您所看到的,一方面,ProxyPassReverse定义了必须在用户和https上下文根上的反向代理之间进行/sonar通信。指定的URL是&#34;可见&#34;的Apache URL。给用户。
另一方面,ProxyPass定义Apache将/sonar上的所有流量发送到&#34;隐藏&#34; URL。在我们的示例中,我们使用AJP协议以确保无法直接访问此网址,但如果您使用http,则配置应该相似(将ajp替换为http select x.Col1, y.Col2
from ALongTableName x
inner join AReallyReallyLongTableName y on x.Id = y.OtherId
)。
希望它有所帮助,
米歇尔
答案 1 :(得分:0)
(对于任何偶然发现这篇文章的人,我在google网上发布了一个类似的问题:https://groups.google.com/forum/#!topic/sonarqube/mztZGAvG_I0并且被回复者通知此帖子,我不打算造成重复)
关于通过更改尾部斜杠对你有用的修复,遗憾的是这对我不起作用(我已经附加了它们)删除它们也不起作用。
答案 2 :(得分:0)
对于Apache 2.4和Sonarqube 8.0,我的解决方法是:
list_df2