Forum: Mongrel mod_proxy, mongrel, redirect issue

Hello,

I am configuring apache 2.2 to serve my rails app through mongrel at
the root of my server.  First, I redirect all http traffic to https
with the following:

ServerName emiliano

NameVirtualHost *:80
<VirtualHost *:80>
  RedirectPermanent / https://emiliano #this server is only accessed 
internally
</VirtualHost>

Inside the <VirtualHost *:443> section, I have the following
configuration, which seems extremely standard:

<Proxy balancer://mongrel>
    BalancerMember http://localhost:8000
    BalancerMember http://localhost:8001
    BalancerMember http://localhost:8002
</Proxy>

ProxyRequests Off
<Proxy *>
    Order deny,allow
    Allow from all
</Proxy>

ProxyPass /stylesheets !
ProxyPass /javascripts !
ProxyPass /images !
ProxyPass / balancer://mongrel/
ProxyPassReverse / balancer://mongrel/
ProxyPreserveHost On

When I point my browser to "https://emiliano" I get the login page
that I expect.  When I submit the login form the authorization is
properly processed (I checked the access log).  However, my browser is
then directed to https://emilianousers/home (note the missing "/"
between hostname and 'users') which of course cannot be found.  If I
manually insert the slash I am properly directed to the user home
page.  I can click on links all day long and everything works, but
when I try to submit any form, the form is processed properly, but the
same issue with the missing slash returns.

I have tried removing the proxy balancer and going directly to the
mongrel instance, but I get the same behavior.  I have also removed
and replaced trailing slashes in my ProxyPass directives with no
success.

Because I can't seem to find any other documentation of this issue, I
am left believing that this is a very trivial problem.

Please Help!

jeremy

This might help ... I have the following rewrite rule in my conf
file ...

# Redirect all non-static requests to cluster
   RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
   RewriteRule ^/(.*)$ balancer://resman_cluster%{REQUEST_URI} [P,QSA,L]

Also, I have the following :

# Add a special request header so Rails redirects stay on https
   RequestHeader set X_FORWARDED_PROTO "https"

HTH

Bill Siggelkow
bsiggelkow@mac.com
AIM: siggelkowb
Home: 770-457-8854
Mobile: 770-354-2584

Thanks for the reply.

It turns out that because I have the following permanent redirection,
I don't need to add the request header.

NameVirtualHost *:80
<VirtualHost *:80>
RedirectPermanent / https://emiliano #this server is only accessed 
internally
</VirtualHost>

However, my problem came from the fact that I left off the trailing
slash from https://emiliano in the RedirectPermanent directive.

Does anyone think it is still a good idea, from a performance
standpoint, to include:

RequestHeader set X_FORWARDED_PROTO "https"

even though the requests are forwarded by the RedirectPermanent 
directive?

-jeremy

Assuming you're running a Rails app, and you want all things generated
by link_to, url_for, etc. to keep you in  HTTPS , then yes. Otherwise,
you effectively double the number of HTTP requests that the browser
makes. This is wasteful, and depending on your allocated bandwidth and
popularity, costly.

Redirect them once to get them into HTTPS, but once they're there, the
X_FORWARDED_PROTO header is an exceedingly GOOD idea.

Yes, but to use X_FORWARDED_PROTO header, this you must have two virtual 
blocks basically one for port=80 and other for port=443 so add this to 
443 block, and then the / problems will be solved.