s***@weirslurry.com
2005-01-07 16:12:23 UTC
Hi,
I have been trying to get apache's modproxy(ProxyPass/Reverse) or even
Modrewrite(RewriteCond/Rules) to work properly with Domino's
WebmailRedirect.nsf file.
Here is a Notes forum Post that hopefully explains the problem I am having
in a nutshell:
http://www-10.lotus.com/ldd/nd6forum.nsf/55c38d716d632d9b8525689b005ba1c0/175d0edd0639071485256e5c000915d4?OpenDocument
An explaination of my scenario below:
All behind our Firewall - PIX515:
User(Internet) --> FW --> Apache2 WebServer(DMZ) --> Domino Http
Server(COMM-different network)
Starting from the backend first...
The domino Web server is running on port 81 and it's Home URL is "
/DominoWe.nsf". ( I believe this file has code or references the Webmail
redirect db/code)
We are using an IBM/Lotus supplied Domino Webmail "redirect" called
"WebAccessRedirect650.ntf".
If I use the Domino webserver address & port to access webmail it works
fine.
A single sign-on and we are redirected to our mail file without any
problems.(The redirect takes the info given with username/pwd from
names.nsf and any other files & directs the browser to the mail/*.nsf and
loads up webmail interface/template)
However, it's get's more complex as you know when we add Apache2 and its
Reverse Proxy into the mix.
I have tried using modrewrite w/ rewriterules and I get the same result. (
I tried your method and many others as well)
RewriteEngine on
RewriteLog "/var/log/httpd/rewrite.log"
RewriteLogLevel 2
RewriteCond %{REQUEST_URI} ^/
RewriteRule /(.*) http://203.57.228.7:81/$1 [P]
And with a Pound Proxy added to the configuration, just these two Proxy
directives worked for me!
ProxyPass / http://203.57.228.7:81/
ProxyPassReverse / http://203.57.228.7:81/
The IP's listed above are of course the backend Domino Server.
So, as you can see I didn't need modrewrite w/ rewriterules or
rewriteconditions.
The reason why is because a used another reverse proxy called "Pound".
URL located below:
http://www.apsis.ch/pound/
Then, for the above ProxyPass/Reverse directives I had the IP and port of
the Pound Proxy and the Pound Proxy had the values of the Domino server:
Apache:
ProxyPass / https://webmail.weirslurry.com:8080/
ProxyPassReverse / http://webmail.weirslurry.com:8080/
Pound:
ListenHTTPS 66.170.10.6,8080
BackEnd 203.57.228.7,81,1
Another rudimentary diagram below:
User(Internet) --> FW --> Apache Web Server/Proxy & Pound Proxy on same
machine(DMZ - behind FW) --> Domino Http Server(COMM-another different
network behind FW)
So, somehow the addition of the Pound Proxy helped the Http
headers/URI/URL's,etc understand teh DominoWEbmailRedirect in Domino Http
so it would ask for our username and pwd "only" once and not reveal the IP
address of the backend Domino server after serving up the webmail
redirect!?!
I know it sounds strange, but it works.
In conclusion, my issue is with the Domino Redirect.
If I could write home-grown html, php, perl, jsp or ? script/code with my
own "redirect" I would think that apache would behave better?
I found some examples of creating a work-around or a homegrown solution in
the Notes forums where others have had the same problem but the
explanations & answers weren't clear for me.
Here are some examples:
http://www-10.lotus.com/ldd/nd6forum.nsf/55c38d716d632d9b8525689b005ba1c0/87423972d7b74bca85256dec0059a08d?OpenDocument
http://www.notestips.com/80256B3A007F2692/1/NAMO5RX3PX
None of which seem to work for me!?!
And this last one I would like to try but haven't given it any thought or
know how to start w/ Lotus forms/agents...
http://www-10.lotus.com/ldd/nd6forum.nsf/55c38d716d632d9b8525689b005ba1c0/dfd6abb19c3c699585256e5f00334932?OpenDocument
Should I be using vhosts and then add some rewriterules together in order
to remedy my problem?
If you are still confused I can allow you access the Domino Web server
Webmail front-end I am working on from the net.
I appreciate any feedback, thanks!
Regards,
Scott Pichelman
Systems Administrator
Weir Slurry TM
North America
2701 S Stoughton Rd
Madison WI 53716 USA
T: +001 608 226 5615
F: +001 608 221 5807
M: +001 608 346 2784
E: ***@weirslurry.com
W: http://weirslurry.com
The information contained in this email (including any attachments) is confidential, subject to copyright and for the use of the intended recipient only. If you are not the intended recipient please delete this message after notifying the sender. Unauthorised retention, alteration or distribution of this email is forbidden and may be actionable.
Attachments are opened at your own risk and you are advised to scan incoming email for viruses before opening any attached files. We give no guarantee that any communication is virus-free and accept no responsibility for virus contamination or other system loss or damage of any kind.
I have been trying to get apache's modproxy(ProxyPass/Reverse) or even
Modrewrite(RewriteCond/Rules) to work properly with Domino's
WebmailRedirect.nsf file.
Here is a Notes forum Post that hopefully explains the problem I am having
in a nutshell:
http://www-10.lotus.com/ldd/nd6forum.nsf/55c38d716d632d9b8525689b005ba1c0/175d0edd0639071485256e5c000915d4?OpenDocument
An explaination of my scenario below:
All behind our Firewall - PIX515:
User(Internet) --> FW --> Apache2 WebServer(DMZ) --> Domino Http
Server(COMM-different network)
Starting from the backend first...
The domino Web server is running on port 81 and it's Home URL is "
/DominoWe.nsf". ( I believe this file has code or references the Webmail
redirect db/code)
We are using an IBM/Lotus supplied Domino Webmail "redirect" called
"WebAccessRedirect650.ntf".
If I use the Domino webserver address & port to access webmail it works
fine.
A single sign-on and we are redirected to our mail file without any
problems.(The redirect takes the info given with username/pwd from
names.nsf and any other files & directs the browser to the mail/*.nsf and
loads up webmail interface/template)
However, it's get's more complex as you know when we add Apache2 and its
Reverse Proxy into the mix.
I have tried using modrewrite w/ rewriterules and I get the same result. (
I tried your method and many others as well)
RewriteEngine on
RewriteLog "/var/log/httpd/rewrite.log"
RewriteLogLevel 2
RewriteCond %{REQUEST_URI} ^/
RewriteRule /(.*) http://203.57.228.7:81/$1 [P]
And with a Pound Proxy added to the configuration, just these two Proxy
directives worked for me!
ProxyPass / http://203.57.228.7:81/
ProxyPassReverse / http://203.57.228.7:81/
The IP's listed above are of course the backend Domino Server.
So, as you can see I didn't need modrewrite w/ rewriterules or
rewriteconditions.
The reason why is because a used another reverse proxy called "Pound".
URL located below:
http://www.apsis.ch/pound/
Then, for the above ProxyPass/Reverse directives I had the IP and port of
the Pound Proxy and the Pound Proxy had the values of the Domino server:
Apache:
ProxyPass / https://webmail.weirslurry.com:8080/
ProxyPassReverse / http://webmail.weirslurry.com:8080/
Pound:
ListenHTTPS 66.170.10.6,8080
BackEnd 203.57.228.7,81,1
Another rudimentary diagram below:
User(Internet) --> FW --> Apache Web Server/Proxy & Pound Proxy on same
machine(DMZ - behind FW) --> Domino Http Server(COMM-another different
network behind FW)
So, somehow the addition of the Pound Proxy helped the Http
headers/URI/URL's,etc understand teh DominoWEbmailRedirect in Domino Http
so it would ask for our username and pwd "only" once and not reveal the IP
address of the backend Domino server after serving up the webmail
redirect!?!
I know it sounds strange, but it works.
In conclusion, my issue is with the Domino Redirect.
If I could write home-grown html, php, perl, jsp or ? script/code with my
own "redirect" I would think that apache would behave better?
I found some examples of creating a work-around or a homegrown solution in
the Notes forums where others have had the same problem but the
explanations & answers weren't clear for me.
Here are some examples:
http://www-10.lotus.com/ldd/nd6forum.nsf/55c38d716d632d9b8525689b005ba1c0/87423972d7b74bca85256dec0059a08d?OpenDocument
http://www.notestips.com/80256B3A007F2692/1/NAMO5RX3PX
None of which seem to work for me!?!
And this last one I would like to try but haven't given it any thought or
know how to start w/ Lotus forms/agents...
http://www-10.lotus.com/ldd/nd6forum.nsf/55c38d716d632d9b8525689b005ba1c0/dfd6abb19c3c699585256e5f00334932?OpenDocument
Should I be using vhosts and then add some rewriterules together in order
to remedy my problem?
If you are still confused I can allow you access the Domino Web server
Webmail front-end I am working on from the net.
I appreciate any feedback, thanks!
Regards,
Scott Pichelman
Systems Administrator
Weir Slurry TM
North America
2701 S Stoughton Rd
Madison WI 53716 USA
T: +001 608 226 5615
F: +001 608 221 5807
M: +001 608 346 2784
E: ***@weirslurry.com
W: http://weirslurry.com
The information contained in this email (including any attachments) is confidential, subject to copyright and for the use of the intended recipient only. If you are not the intended recipient please delete this message after notifying the sender. Unauthorised retention, alteration or distribution of this email is forbidden and may be actionable.
Attachments are opened at your own risk and you are advised to scan incoming email for viruses before opening any attached files. We give no guarantee that any communication is virus-free and accept no responsibility for virus contamination or other system loss or damage of any kind.