我在将Pentaho Docker容器合并到我们的内部基础架构中有问题。
概述:域代理在端口443(处理SSL和LDAP Auth)上聆听,并将流量重定向到Apache反向代理(在覆盖网络中作为Swarm的Docker服务站立)。反向代理是将请求重定向到Pentaho容器(也与反向代理相同的Docker服务)。
config:(仅相关行)域代理(我们不是由我们管理):在443上倾听并重定向到反向代理码头容器反向代理:听80
<VirtualHost *:80>
ServerAlias reverse-proxy
ServerName reverse-proxy
#pentaho redirect
<Location "/application/pentaho">
ProxyPass "ajp://pentaho_host:8009/application/pentaho" ttl=480
ProxyPassReverse "ajp://pentaho_host:8009/application/pentaho"
</Location>
pentaho容器:
pentaho以更改的上下文运行,并具有以下设置:
system/server.properties文件:
fully-qualified-server-url=https://example.com/application/pentaho
tomcat配置:
tomcat/conf/server.xml:
<Connector URIEncoding="UTF-8" port="8009" protocol="AJP/1.3" redirectPort="8443"
#Without ProxyName and ProxyPort tomcat redirects all app buttons to http://localhost:8009/
ProxyName="example.com"
ProxyPort="443" />
上下文更改
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Context path="/application/pentaho" debug="0" docBase="pentaho" />
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
这里的问题是,当我访问https://example.com/application/pentaho时,我会得到pentaho login page(https://example.com/application/pentlication/pentaho/login),在使用适当的凭据登录后,我再次将其重定向到同一登录页面(使用; jsession 32IBN4O1I23N21OI3 ...),但是在控制台中,我可以看到登录后,请求通过j_spring_security_check(http 302 ok),然后转到https://example.com/application/pentlication/pentaho/home ....(也找到http 302)然后返回登录...
访问日志:
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/Login HTTP/1.1" 200 7208
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/webcontext.js HTTP/1.1" 200 4472
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/content/sparkl/resources/sparkl-require-js-cfg.js HTTP/1.1" 200 1525
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/content/client-config-folder-enabler/client-config-enabler-require-js-cfg.js HTTP/1.1" 200 1019
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/js/themes.js HTTP/1.1" 200 1346
x.x.x.x - - [21/Sep/2017:15:11:49 +0000] "GET /application/pentaho/CacheExpirationService HTTP/1.1" 200 1161
x.x.x.x - - [21/Sep/2017:15:11:52 +0000] "POST /application/pentaho/j_spring_security_check HTTP/1.1" 302 -
x.x.x.x - - [21/Sep/2017:15:11:52 +0000] "GET /application/pentaho/Home;jsessionid=09D72F59187B02D027D4313EBDA645EA HTTP/1.1" 200 4928
x.x.x.x - - [21/Sep/2017:15:11:52 +0000] "GET /application/pentaho/Home?locale=en_US HTTP/1.1" 302 -
x.x.x.x - - [21/Sep/2017:15:11:52 +0000] "GET /application/pentaho/Login;jsessionid=B9B10CD32A3CD832C87243A5610C3B09 HTTP/1.1" 200 7301
x.x.x.x - - [21/Sep/2017:15:11:52 +0000] "GET /application/pentaho/webcontext.js HTTP/1.1" 200 4472
一遍又一遍地...
你们知道这里可能会误认为什么吗?
您需要添加pentaho风格的反向代理指令:
<Location "/application/pentaho-style">
ProxyPass "ajp://pentaho_host:8009/application/pentaho-style" ttl=480
ProxyPassReverse "ajp://pentaho_host:8009/application/pentaho-style"
</Location>
和瞧!:D