Apache 2.x and mod_proxy produce redirect loop if user is not authenticated

StackOverflow https://stackoverflow.com/questions/19906121

Question

I have an application with spring security. I case the user is not authenticated he is redirected to bo/login page.

The problem is that the way i setup the apache web server in front of the tomcat i produce infinite redirection loop:

<VirtualHost *:80>
       ServerName dev.bo.MYDOMAIN.com
       ProxyPass / ajp://localhost:20009/bo/
       ProxyPassReverse / ajp://localhost:20009/bo/
       ProxyPassReverseCookiePath /bo/ /
</VirtualHost>

Does anyone knows how can i prevent the loop in case the user is not authenticated?

Was it helpful?

Solution 2

Finally i found the problem. I had to proxy also the 'bo' path:

<VirtualHost *:80>
   ServerName dev.bo.MYDOMAIN.com
   ProxyPass / ajp://localhost:20009/bo/
   ProxyPassReverse / ajp://localhost:20009/bo/
   ProxyPass /bo ajp://localhost:20009/bo/
   ProxyPassReverse /bo ajp://localhost:20009/bo/
   ProxyPassReverseCookiePath /bo/ /
</VirtualHost>

OTHER TIPS

<VirtualHost *:80>
  ServerAdmin webmaster@localhost
  ServerName dev.bo.MYDOMAIN.com
  <Proxy *>
    Order deny,allow
    Allow from all
  </Proxy>
  ProxyPass / ajp://localhost:20009/bo/
  ProxyPassReverse / ajp://localhost:20009/bo/
</VirtualHost>

Try the above config

Why use mod_jk and mod_proxy? You should just be able to do

ProxyPass / http://localhost:20009/bo/
ProxyPassReverse / http://localhost:20009/bo/

At least you save yourself the protocol switch.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top