The Uniform Server Wiki

Reverse Proxy Server 2: SVN3 over https: Difference between revisions

Page Discussion

Reverse Proxy Server 2: SVN3 over https (view source)

Revision as of 01:17, 24 November 2010

293 bytes added ,  24 November 2010
no edit summary
(New page: {{Nav reverse proxy server}} '''''How to configure proxy server to run a subversion server over https''.''' On the previous page I covered how to proxy our SVN back-end server over http...)
 
No edit summary
Line 1: Line 1:
=[http://evicijum.co.cc Page Is Unavailable Due To Site Maintenance, Please Visit Reserve Copy Page]=
{{Nav reverse proxy server}}
{{Nav reverse proxy server}}


Line 12: Line 13:
If you have no already done so create a new server certificate for the proxy server as follows:
If you have no already done so create a new server certificate for the proxy server as follows:
* Run server_a
* Run server_a
* Left click tray icon select '''Advanced''' > '''Server certificate and key generator'''
* Left click tray icon select '''Advanced''' > '''Server certificate and key generator'''
* Press Enter at all prompts
* Press Enter at all prompts
This creates an new server certificate and key pair, in addition enables https in Apache's configuration file.
This creates an new server certificate and key pair, in addition enables https in Apache's configuration file.
Line 24: Line 25:


Add the following code:
Add the following code:
<pre>
&lt;pre&gt;
ProxyPass /svn/ http://localhost:83/svn/
ProxyPass /svn/ http://localhost:83/svn/
<Location /svn/ >
&lt;Location /svn/ &gt;
   ProxyPassReverse /svn/
   ProxyPassReverse /svn/
   <Limit OPTIONS PROPFIND GET REPORT MKACTIVITY PROPPATCH PUT CHECKOUT MKCOL MOVE COPY DELETE LOCK UNLOCK MERGE>
   &lt;Limit OPTIONS PROPFIND GET REPORT MKACTIVITY PROPPATCH PUT CHECKOUT MKCOL MOVE COPY DELETE LOCK UNLOCK MERGE&gt;
     Order Deny,Allow
     Order Deny,Allow
     Allow from all
     Allow from all
     Satisfy Any
     Satisfy Any
   </Limit>
   &lt;/Limit&gt;
</Location>
&lt;/Location&gt;
</pre>
&lt;/pre&gt;
The code is placed almost at the end of the file just above </VirtualHost> as shown below
The code is placed almost at the end of the file just above &lt;/VirtualHost&gt; as shown below
<pre>
&lt;pre&gt;
#== Most problems of broken clients are related to the HTTP
#== Most problems of broken clients are related to the HTTP
# keep-alive facility. Disable keep-alive for those clients.
# keep-alive facility. Disable keep-alive for those clients.
SetEnvIf User-Agent ".*MSIE.*" \
SetEnvIf User-Agent &quot;.*MSIE.*&quot; \
         nokeepalive ssl-unclean-shutdown \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
         downgrade-1.0 force-response-1.0


ProxyPass /svn/ http://localhost:83/svn/
ProxyPass /svn/ http://localhost:83/svn/
<Location /svn/ >
&lt;Location /svn/ &gt;
   ProxyPassReverse /svn/
   ProxyPassReverse /svn/
   <Limit OPTIONS PROPFIND GET REPORT MKACTIVITY PROPPATCH PUT CHECKOUT MKCOL MOVE COPY DELETE LOCK UNLOCK MERGE>
   &lt;Limit OPTIONS PROPFIND GET REPORT MKACTIVITY PROPPATCH PUT CHECKOUT MKCOL MOVE COPY DELETE LOCK UNLOCK MERGE&gt;
     Order Deny,Allow
     Order Deny,Allow
     Allow from all
     Allow from all
     Satisfy Any
     Satisfy Any
   </Limit>
   &lt;/Limit&gt;
</Location>
&lt;/Location&gt;


</VirtualHost>
&lt;/VirtualHost&gt;
</pre>
&lt;/pre&gt;


=== Test ===
=== Test ===
Line 60: Line 61:
* Start server_a
* Start server_a
* Start server_c
* Start server_c
* Type '''https:'''<nowiki>//localhost/svn/</nowiki>'''
* Type '''https:'''&lt;nowiki&gt;//localhost/svn/&lt;/nowiki&gt;'''
'''''Result'':''' Collection of Repositories page displayed, click the link '''myproject''' or whatever you named your repository and have a browse.
'''''Result'':''' Collection of Repositories page displayed, click the link '''myproject''' or whatever you named your repository and have a browse.


Line 68: Line 69:


Using your client either '''copy''' or '''move''' a file within the repository you will receive a '''Bad Gateway''' error message e.g.  
Using your client either '''copy''' or '''move''' a file within the repository you will receive a '''Bad Gateway''' error message e.g.  
<pre>
&lt;pre&gt;
Error: Error while performing action: COPY of ../perl/Run.bat: 502 Bad Gateway (https://localhost)
Error: Error while performing action: COPY of ../perl/Run.bat: 502 Bad Gateway (https://localhost)
</pre>
&lt;/pre&gt;


'''''[[#top | Top]]'''''
'''''[[#top | Top]]'''''
Line 81: Line 82:
Interestingly mod_dav validates only the scheme and not host-name this makes the solution a one liner.
Interestingly mod_dav validates only the scheme and not host-name this makes the solution a one liner.
Add this line
Add this line
<pre>
&lt;pre&gt;
RequestHeader edit Destination ^https://(.*)$ http://$1
RequestHeader edit Destination ^https://(.*)$ http://$1
</pre>
&lt;/pre&gt;
It translates the destination header from '''https''' to '''http''' thus keeping DAV happy
It translates the destination header from '''https''' to '''http''' thus keeping DAV happy


Edit file: C:\server_a\UniServer\usr\local\apache2\conf\ssl.conf add the line above location as shown below:
Edit file: C:\server_a\UniServer\usr\local\apache2\conf\ssl.conf add the line above location as shown below:
<pre>
&lt;pre&gt;
RequestHeader edit Destination ^https://(.*)$ http://$1
RequestHeader edit Destination ^https://(.*)$ http://$1
ProxyPass /svn/ http://localhost:83/svn/
ProxyPass /svn/ http://localhost:83/svn/
<Location /svn/ >
&lt;Location /svn/ &gt;
   ProxyPassReverse /svn/
   ProxyPassReverse /svn/
   <Limit OPTIONS PROPFIND GET REPORT MKACTIVITY PROPPATCH PUT CHECKOUT MKCOL MOVE COPY DELETE LOCK UNLOCK MERGE>
   &lt;Limit OPTIONS PROPFIND GET REPORT MKACTIVITY PROPPATCH PUT CHECKOUT MKCOL MOVE COPY DELETE LOCK UNLOCK MERGE&gt;
     Order Deny,Allow
     Order Deny,Allow
     Allow from all
     Allow from all
     Satisfy Any
     Satisfy Any
   </Limit>
   &lt;/Limit&gt;
</Location>
&lt;/Location&gt;
</pre>
&lt;/pre&gt;


'''''[[#top | Top]]'''''
'''''[[#top | Top]]'''''
Line 105: Line 106:
* Start server_a
* Start server_a
* Start server_c
* Start server_c
* Type '''https:'''<nowiki>//localhost/svn/</nowiki>'''
* Type '''https:'''&lt;nowiki&gt;//localhost/svn/&lt;/nowiki&gt;'''
'''''Result'':''' Collection of Repositories page displayed, click the link '''myproject''' or whatever you named your repository and have a browse.
'''''Result'':''' Collection of Repositories page displayed, click the link '''myproject''' or whatever you named your repository and have a browse.


Line 125: Line 126:


{|
{|
|-valign="middle"
|-valign=&quot;middle&quot;
| [[Image:uc_small_logo.gif]] || [[User:Ric|Ric]]  
| [[Image:uc_small_logo.gif]] || [[User:Ric|Ric]]  
|}
|}


[[Category: Uniform Server 5.0-Nano]]
[[Category: Uniform Server 5.0-Nano]]
Upazixorys
322

edits

Retrieved from "https://wiki.uniformserver.com/Special:MobileDiff/4663"