Hello Guys,

Let me firstly explain the situation. I have two servers, where I need to access via reverse proxy. 1st server is acting as SSO and doing an authentication of all other servers which is under his management.

I have configured reverse proxy, running under Debian OS with Apache.
There is very simple configuration which works. Connecting from public IP to RP which will forward this traffic into private ranges without noticing client.

But currently I need to implement an SSO server as the authentication server and it means, that all servers which are under SSO management will redirect the traffic into SSO.

Problem is, that customer is access all servers from public domain and SSO is in internal domain, what causing an issues, because customer should not have our DNS records in the table and we cant mix public and internal entries in our security zone.

My idea is to perform a redirect + rewrite as per the condition, but i dont know how. I red almost whole internet, but I’m total newbie in this apache word.

Let me describe the situation on example:

  1. Customer is accessing https://example.public.com
  2. Customer reach the server via RP
  3. Server do redirection into https://example_server.private.com/SSO/…=https://example.public.com
  4. Connection lost

My question is:
Is it possible just to rewrite an url from example_server.private.com into something other with remained path ?

Like:
https://example_server.public.com/SSO/…=https://example.public.com

After the authentication server send back the traffic into example.public.com

How Apache will handle that? Would you, please, provide also an exaple of configuration?

Also all the rewrite rules should be applied in 1 virtual host just to prevent redirection into private domain.

I guess it should existing a solution. But not sure, if this approach will remain the session open or it’s closed and result will be same....

My current config :

<VirtualHost *:443>
  ServerName example.public.com
  ProxyPass        / https://1.2.3.4/
  ProxyPassReverse / https://1.2.3.4/
  ProxyPreserveHost On
  DocumentRoot /var/www/default
  SSLEngine on
  SSLProxyEngine on
  SSLProxyCheckPeerName Off
  SSLProxyCheckPeerCN Off
  ErrorLog "/var/log/apache2/proxy-error-prime-proxy-full.log"
  CustomLog "/var/log/apache2/proxy-access-prime-proxy-full.log" common
</VirtualHost>

Thank you a lot :)

Peter

edited by MattIPv4
Submit an answer

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!