logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Apache cookie
Author
vkmellon



Joined: 19 Aug 2016
Posts: 2
Location: Kyiv
PostPosted: Fri 19 Aug '16 17:22    Post subject: Apache cookie Reply with quote
Hi! I need help!

I have reverse proxy with config below.
When I log in to page https://app.domain.com/test it's add cookie to browser.
After it I go to http://domain.com but it's redirect to https://domain.com.

I need some help to stop redirecting http://domain.com to https.


Code:
<VirtualHost *:443>
ServerAdmin support@domain.com
ServerName app.domain.com

ProxyPass /test http://serverbackend.domain.com/backend connectiontimeout=600 timeout=600
ProxyPassReverse /test http://serverbackend.domain.com/backend

<Location /test>
Order deny,allow
Allow from all
AuthName example
AuthType form
AuthFormProvider ldap
AuthLDAPUrl ldap://dc.domain.com.....
AuthLDAPBindDN admin
AuthLDAPBindPassword password
Require ldap-group admins
Session On
SessionCookieName session path=/
SessionCryptoPassphrase Secret
SetEnv proxy-chain-auth On
AuthFormFakeBasicAuth On
ErrorDocument 401 /index.html
</Location>
Back to top
mraddi



Joined: 27 Jun 2016
Posts: 152
Location: Schömberg, Baden-Württemberg, Germany
PostPosted: Sun 21 Aug '16 17:48    Post subject: Apache cookie Reply with quote
Hello,

you only have posted a part of your webservers configuration covering the https-part.
There should be a part within you config for the http-part (running on port 80).
Please check if there is some configuration that redirects to https.

There are some other things that could do the redirect:
* a backend server or the application itself could send a redirect to the browser.
* a javascript within the application could check the browsers address-bar and open the https-url
* a plugin within the browser could check if the URL is also accessible with https and if yes open the url with https

As a last possibilty you can do a Wireshark-trace/tcpdump on your webserver to see whats going on on the wire - wo sends what data to whom.

Gretings,
Matthias
Back to top


Reply to topic   Topic: Apache cookie View previous topic :: View next topic
Post new topic   Forum Index -> Apache