Redirection and Rewrite (SSO)
Let me firstly explain the situation. I have two servers, where I need to access via reverse proxy. 1st server is acting as SSO and doing an authentication of all other servers which is under his management.
I have configured reverse proxy, running under Debian OS with Apache.
There is very simple configuration which works. Connecting from public IP to RP which will forward this traffic into private ranges without noticing client.
But currently I need to implement an SSO server as the authentication server and it means, that all servers which are under SSO management will redirect the traffic into SSO.
Problem is, that customer is access all servers from public domain and SSO is in internal domain, what causing an issues, because customer should not have our DNS records in the table and we cant mix public and internal entries in our security zone.
My idea is to perform a redirect + rewrite as per the condition, but i dont know how. I red almost whole internet, but I’m total newbie in this apache word.
Let me describe the situation on example:
- Customer is accessing https://example.public.com
- Customer reach the server via RP
- Server do redirection into https://example_server.private.com/SSO/…=https://example.public.com
- Connection lost
My question is:
Is it possible just to rewrite an url from example_server.private.com into something other with remained path ?
After the authentication server send back the traffic into example.public.com
How Apache will handle that? Would you, please, provide also an exaple of configuration?
Also all the rewrite rules should be applied in 1 virtual host just to prevent redirection into private domain.
I guess it should existing a solution. But not sure, if this approach will remain the session open or it’s closed and result will be same....
My current config :
<VirtualHost *:443> ServerName example.public.com ProxyPass / https://22.214.171.124/ ProxyPassReverse / https://126.96.36.199/ ProxyPreserveHost On DocumentRoot /var/www/default SSLEngine on SSLProxyEngine on SSLProxyCheckPeerName Off SSLProxyCheckPeerCN Off ErrorLog "/var/log/apache2/proxy-error-prime-proxy-full.log" CustomLog "/var/log/apache2/proxy-access-prime-proxy-full.log" common </VirtualHost>
Thank you a lot :)