I am having issues setting up a BOSH service for a webchat. As XMPP server I'm using OpenFire and I'm already able to connect to the server using the Pidgin client. What I've done is the following:
First of all I've enabled the proxy using a2enmod proxy proxy_http. Then I went to edit the proxy.conf and added these in the end
ProxyVia On
ProxyErrorOverride On
ProxyPass /http-bind http://localhost:7070/http-bind
ProxyPassReverse /http-bind http://localhost:7070/http-bind
However, when i try to reach http://example.com/http-bind I get the following:
HTTP ERROR: 400
Problem accessing /http-bind/. Reason:
Bad Request
Powered by Jetty://
What am I doing wrong?
No any error in fact.
While you see the result, which measn that all proxy settings of yours are correct, as the http-bind needs to accept the POST(xml format) data as its true request, it is why the openfire server return 404 to you.
Related
I have installed the Varnish with Apach2 and setup that using the HTTP proxy apache module and used the headers to get the Data over HTTP and send it to HTTPS using reverse proxy.
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:80/
ProxyPassReverse / http://127.0.0.1:80/
RequestHeader set X-Forwarded-Port “443”
RequestHeader set X-Forwarded-Proto “https
But the issue I am facing this setup is the Browser error Content is loading from HTTP over HTTPS has been blocked.
Mixed Content: The page at '' was loaded over HTTPS, but
requested an insecure stylesheet ''. This request has been
blocked; the content must be served over HTTPS.
Please help to understand where I am wrong and how can I make this work?
Thank you in Advance.
There's not a whole lot of context about the setup and the configuration, but based on the information you provided I'm going to assume you're using Apache to first terminate the TLS connection and then forward that traffic to Varnish.
I'm also assuming Apache is also configured as the backend in Varnish listening on a port like 8080 whereas Varnish is on 80 and the HTTPS Apache vhost is on 443.
Vary header
The one thing that might be missing in your setup is a cache variation based on the X-Forwarded-Proto header.
I would advise you to set that cache variation using the following configuration:
Header append Vary: X-Forwarded-Proto
This uses mod_headers and can either be set in your .htaccess file or your vhost configuration.
It should allow Varnish to be aware of the variations based on the Vary: X-Forwarded-Proto header and store a version for HTTP and one for HTTPS.
This will prevent HTTP content being stored when HTTPS content is requested and vice versa.
A good way to simulate the issue
If you want to make sure the issue behaves as I'm expecting it to, please perform a test using the following steps:
Clear your cache through sudo varnishadm ban obj.status "!=" 0
Run varnishlog -g request -q "ReqUrl eq '/'" to filter logs for the. homepage
Call the HTTP version of the homepage and ensure its stored in the cache
Capture the log output for this transaction and store it somewhere
Call that same page over HTTPS and check whether or not the mixed content errors occur
Capture the log output for this transaction and store it somewhere
Then fix the issue through the Vary: X-Forwarded-Proto header and try the testcase again.
In case of problems, just add the 2 log transactions to your question (1 for the miss, 1 for the hit) and I'll examine it for you
//I am using
define GET_REQUEST_URI "GET /ms/v_updated.php?id=9,9,9& qty=9,9,9/HTTP/1.1\r\nHost:127.0.0.1\r\nAccept: /\r\n\r\n"
for v_updated.php file on my localserver using my cc3200 launchpad
//and i wanted to know that is this the correct syntax am i using for GET request in cc3200
![on console i got following outpt]
[1] STA connected to AP:
[2]IP Acquired :
[3]Connection to server created successfully
HTTP Get Begin:
Failed to send HTTP GET request
HTTP Post Get failed
HTTP gET End:
and i also want to know about the json parser being used..
It is possible that your local server is declining requests from CC3200. Try Configuring the local Server.
If you are using XAMPP, Go to Config > httpd.conf, open it.
Search AllowOverride. You will find the following settings (or Similar ),
<Directory />
AllowOverride None
Options None
Order allow,deny
Allow from None
</Directory>
Change None to All.
It Should look like
`<Directory />
AllowOverride All
Options All
Order allow,deny
Allow from All
</Directory>`
I am trying to upload some data to my local datastore in appengine.
The command I am using is the next one:
appcfg.py upload_data --config_file="C:\config.yml" --filename="C:\mycsv.csv" --url=http://localhost:8888/remote_api --kind=MyEntity
The problem is that I'm working behind my company proxy and I am getting the next ERROR even trying to connect to the localhost server:
Error Code: 502 Proxy Error. The ISA Server denied the specified Uniform Resource Locator (URL). (12202)
It seems the authentication is ok, but somehow the proxy tries to filter my connection to my own computer.
Some ideas about how can I solve this?
Thanks.
Remove/disable proxy settings of your network then try the above command.
I was facing the similar issue and this issue resolved when i disable my proxy settings.
I have Apache2 SSL which is fronting Spring webapp as follows:
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
All works fine... i mean all links ... are correct, and in general webapp works, so the problem is not a matter of an application or SSL..
Except starting/cancelling webflows: they produce http URLs instead of https://
I found one topic here:
forum.springsource.org/showthread.php?70730-Webflow-2-0-and-reverse-proxy
They say it is not a problem of Spring WebFlow...
What is a workaround in this situation?
Providing that all requests to the Tomcat connector are received via SSL terminated at httpd then you can add the following to your connector:
scheme="https" secure="true"
This tells Tomcat to treat the connection as if it was received over an SSL connection direct to Tomcat. This is required when proxying over http since there is no mechanism within http to pass the SSL info to Tomcat. There are ways to pass some of this info via http headers. Look at the SSLValve docs in Tomcat.
Alternatively, using AJP will work since AJP passes SSL information from httpd to Tomcat.
We have an environment with Apache 2.2.11 acting as front end to incoming connections to a Tomcat backend server. We are using the following directives in the http-ssl.conf, which works great when not trying to catch 403 errors:
SetEnvIf COMPANY EDLP 4.0.1 NLEDLPKEY=true
General setup for the virtual host
DocumentRoot "C:/xampp/htdocs/"
ServerName localhost:443
ServerAdmin admin#localhost
ProxyRequests Off
ProxyPassMatch / htp://tomcat.company.com**<-- been having issues with this directive (using only one "t" in http to bypass this sites new user can only post one URL per question limitation**
ProxyPassReverse / htp://tomcat.company.com
As you can see we are using the mod_access (now called mod_authz_host in Apache 2.2) module to pass a variable called NLEDLPKEY so that only (Internet Explorer) clients with this variable could access Tomcat via SSL. Also, I am trying to not only reverse proxy SSL connections, but also to redirect the 403 errors (for people without the variable) to a specified page (error_page.html). I have tried:
ProxyPassMatch "^[^(/error_page.html)]" htp://tomcat.company.com and also tried
ProxyPassMatch “^(?!/error_page.html)” htp://tomcat.company.com
to see if it is possible to redirect to the error page and not get the below message:
Forbidden
You don't have permission to access /RDS on this server. <--RDS is just a directory-->
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
Apache/2.2.11 (Win32) DAV/2 mod_ssl/2.2.11 OpenSSL/0.9.8i PHP/5.2.9 Server at apache-company Port 443
Any help would be appreciated
R.
I ran into this issue recently - it took a bit of hunting but here's how I fixed it:
In /etc/apache2/mods-available/proxy.conf (Ubuntu - YMMV) change it to look like the following:
<Proxy *>
AddDefaultCharset off
Order deny,allow
Deny from all
Allow from all
</Proxy>
It's also important to note that for reverse proxies, it is not necessary to have ProxyRequests On configured and doing so in conjunction with Allow from all is hazardous. (Can be used by spammers to send mail via your proxy.)