Topic: Configuring Reverse Proxy in Jboss EAS Connect to TOMCAT7

[Saaim]

We have the following Architecture in Place
1. DMZ External Node (SSL Enabled) with Jboss EAS on RHEL 6.5 (Public IP)
2. TOMCAT7 internal Node (Private IP) with Application Tier

We want to connect the internet users to the Application node via reverse Proxy (DMZ Jboss EWS).
Below is the error message that appears when we try to access the Application via external DMZ Tier.
Also find below the configuration on External DMZ to forward the Request to the internal Application Node using Tomcat7 WebServer.

[root@rcjvctsrp ~]# /u01/jboss/jboss-ews-2.1/httpd/sbin/apachectl status
Not Found

The requested URL /server-status was not found on this server.

--------------------------------------------------------------------------

Apache/2.2.26 (Red Hat Enterprise Web Server) Server at localhost Port 80



#<VirtualHost *:80>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
<VirtualHost *:80>
# Your domain name
#ServerName Domain_NAME_HERE

ProxyPreserveHost On

# The IP and port of the JBoss Enterprise Application Platform
# These represent the default values, if your HTTPD is on the same host
# as your JBoss Enterprise Application Platform managed domain or server

# The location of the HTML files, and access control information
#DocumentRoot /var/www
#<Directory /var/www>
#Options -Indexes
#Order allow,deny
#Allow from all
#</Directory>

</VirtualHost>
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_http_module modules/mod_proxy_http.so

# Uncomment these to proxy FTP or HTTPS
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so

<VirtualHost publicip:443>
DocumentRoot /var/www/html
ServerName cts.rcjubail.gov.sa
SSLEngine on
SSLCertificateFile /u01/certificates/certs/cts_rcjubail_gov_sa.crt
SSLCertificateKeyFile /u01/certificates/cts_rcjubail_gov_sa.key
SSLCertificateChainFile /u01/certificates/certs/DigiCertCA.crt
#ProxyPassReverse /edms http://10.10.40.154:8888/edms
#ProxyPass /edms http://10.10.40.154:8888/edms
ProxyPass /edms http://10.10.40.154:8888/edms
ProxyPassReverse /edms http://10.10.40.154:8888/edms
</VirtualHost>

Above outs from DMZ External Server (JBOSS Enterprise WebServer).

[James Blond]

Enable mod_status and configure the access to it.
See https://httpd.apache.org/docs/current/mod/mod_status.html

if you still have a question please ask again.

[Saaim]

#<VirtualHost 194.36.164.161:8443>
<VirtualHost 10.10.40.154:8888>
DocumentRoot /var/www/html
ServerName cts.rcjubail.gov.sa
SSLEngine on
SSLCertificateFile /u01/certificates/certs/cts_rcjubail_gov_sa.crt
SSLCertificateKeyFile /u01/certificates/cts_rcjubail_gov_sa.key
SSLCertificateChainFile /u01/certificates/certs/DigiCertCA.crt
#ProxyPassReverse /edms http://10.10.40.154:8888/edms
#ProxyPass /edms http://10.10.40.154:8888/edms
ProxyPass /edms ajp://10.10.40.154:8888/edms
ProxyPassReverse /edms ajp://10.10.40.154:8888/edms
</VirtualHost>
<Location "/server-status">
SetHandler server-status
Require host rcjvctsrp.jubail.gov.sa
</Location>



http://rcjvctsrp.jubail.rc.gov/server-status

Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, abrars@rcjubail.gov.sa and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.


--------------------------------------------------------------------------------

Apache/2.2.26 (Red Hat Enterprise Web Server) Server at rcjvctsrp.jubail.rc.gov Port 80

[James Blond]

Use the following to see what causes the error.

[Saaim]

VirtualHost configuration:
10.10.40.154:8888 cts.rcjubail.gov.sa (/u01/jboss/jboss-ews-2.1/httpd/conf/httpd.conf:1029)
wildcard NameVirtualHosts and _default_ servers:
_default_:443 rcjvctsrp.jubail.rc.gov (/u01/jboss/jboss-ews-2.1/httpd/conf.d/ssl.conf:81)
*:80 rcjvctsrp.jubail.rc.gov (/u01/jboss/jboss-ews-2.1/httpd/conf/httpd.conf:1001)
You have new mail in /var/spool/mail/root

[James Blond]

So only the the server-status page doesn't work yet?

[Saaim]

Server Status Does not work also the request is not forwarded to the internal node as it should be. The DMZ Server should route the incoming external (HTTPS:8443)traffic RCJVCTSRP(Host) Server to internal Server(HTTP:8888)RCJVCTS(Host).