我有一台运行Apache Web服务器的Ubuntu服务器主机。在这个主机上运行的是一个docker容器,为Geoserver(通过Tomcat构建)(使用此image构建)提供端口配置,如下所示:0.0.0.0:32770-> 8080 / tcp
我可以使用http://my.domain:32770/geoserver来轻松访问Geoserver 我在主机上的Apache中配置了一个重定向,用于通过HTTPS提供所有请求(请参阅下面的代码片段),这与请求中的端口不能很好地协调(即https://my.domain:32770/geoserver)
<VirtualHost *:80>
# sending http requests to https
ServerName data.nrri.umn.edu
Redirect permanent / https://data.nrri.umn.edu/
</VirtualHost>
我尝试解决此问题的方法是在Apache配置文件中使用ProxyPass
指令:
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /my-geoserver http://127.0.0.1:32770/geoserver
ProxyPassReverse /my-geoserver http://127.0.0.1:32770/geoserver
当我使用我期望的URL时,会让我进入Geoserver主页,就像上面的那样(即http://my.domain/my-geoserver)我被重定向到 https://my.domain/geoserver/index.html并提交404 Not Found 我还要注意,http://my.domain:32770/geoserver和http://my.domain:32770/geoserver/index.html都解析为http://my.domain:32770/geoserver/web/
我在这里做错了什么?
修改的
curl -L -v -o /dev/null data.nrri.umn.edu/nra-geoserver
* Hostname was NOT found in DNS cache
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 131.212.123.7...
* Connected to data.nrri.umn.edu (131.212.123.7) port 80 (#0)
> GET /nra-geoserver HTTP/1.1
> User-Agent: curl/7.35.0
> Host: data.nrri.umn.edu
> Accept: */*
>
< HTTP/1.1 302 Found
< Date: Fri, 19 May 2017 15:28:35 GMT
* Server Apache-Coyote/1.1 is not blacklisted
< Server: Apache-Coyote/1.1
< Location: /geoserver/index.html
< Content-Length: 0
< Set-Cookie: JSESSIONID=DFECFFB91353A34C407488EAAF70A2B4; Path=/geoserver; HttpOnly
<
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
* Connection #0 to host data.nrri.umn.edu left intact
* Issue another request to this URL: 'HTTP://data.nrri.umn.edu/geoserver/index.html'
* Found bundle for host data.nrri.umn.edu: 0x95b8c0
* Re-using existing connection! (#0) with host data.nrri.umn.edu
* Connected to data.nrri.umn.edu (131.212.123.7) port 80 (#0)
> GET /geoserver/index.html HTTP/1.1
> User-Agent: curl/7.35.0
> Host: data.nrri.umn.edu
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Date: Fri, 19 May 2017 15:28:35 GMT
* Server Apache/2.4.7 (Ubuntu) is not blacklisted
< Server: Apache/2.4.7 (Ubuntu)
< Location: https://data.nrri.umn.edu/geoserver/index.html
< Content-Length: 336
< Content-Type: text/html; charset=iso-8859-1
<
* Ignoring the response-body
{ [data not shown]
100 336 100 336 0 0 38536 0 --:--:-- --:--:-- --:--:-- 38536
* Connection #0 to host data.nrri.umn.edu left intact
* Issue another request to this URL: 'https://data.nrri.umn.edu/geoserver/index.html'
* Found bundle for host data.nrri.umn.edu: 0x95b8c0
* Hostname was NOT found in DNS cache
* Trying 131.212.123.7...
* Connected to data.nrri.umn.edu (131.212.123.7) port 443 (#1)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Server hello (2):
{ [data not shown]
* SSLv3, TLS handshake, CERT (11):
{ [data not shown]
* SSLv3, TLS handshake, Server key exchange (12):
{ [data not shown]
* SSLv3, TLS handshake, Server finished (14):
{ [data not shown]
* SSLv3, TLS handshake, Client key exchange (16):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Finished (20):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
{ [data not shown]
* SSLv3, TLS handshake, Finished (20):
{ [data not shown]
* SSL connection using ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* subject: C=US; ST=MN; L=Minneapolis; O=University of Minnesota; OU=Natural Resources Research Institute; CN=data.nrri.umn.edu
* start date: 2017-04-18 00:00:00 GMT
* expire date: 2020-04-17 23:59:59 GMT
* subjectAltName: data.nrri.umn.edu matched
* issuer: C=US; ST=MI; L=Ann Arbor; O=Internet2; OU=InCommon; CN=InCommon RSA Server CA
* SSL certificate verify ok.
> GET /geoserver/index.html HTTP/1.1
> User-Agent: curl/7.35.0
> Host: data.nrri.umn.edu
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Date: Fri, 19 May 2017 15:28:35 GMT
* Server Apache/2.4.7 (Ubuntu) is not blacklisted
< Server: Apache/2.4.7 (Ubuntu)
< Content-Length: 301
< Content-Type: text/html; charset=iso-8859-1
<
{ [data not shown]
100 301 100 301 0 0 4404 0 --:--:-- --:--:-- --:--:-- 4404
* Connection #1 to host data.nrri.umn.edu left intact
答案 0 :(得分:0)
好的,所以发生了两次重定向。我不确定解决第一个问题的好方法(解决方案可能与第二个解决方案一样)。但是第二个,您应该能够在路径中添加尾随/
。生成的代理指令将是:
ProxyPass /my-geoserver/ http://127.0.0.1:32770/geoserver/
ProxyPassReverse /my-geoserver/ http://127.0.0.1:32770/geoserver/
首先在http://data.nrri.umn.edu/geoserver/index.html然后使用http://data.nrri.umn.edu/nra-geoserver尝试,然后查看下一步失败的位置。如果前者有效但后者失败,我们可能还需要编辑一些Tomcat配置(以启用远程IP阀https://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/valves/RemoteIpValve.html)。