Friday, March 27, 2015

Apache SSL reverse proxy breaks Liferay Authentication

I have Apache 2.2. installed with SSL. It is running as a reverse proxy based on a question I asked and was answered here: Apache SSL reverse proxy for multiple servers What I discovered, however, is that the "sign in" prompt in Liferay no longer will authenticate. In FF I am given a security warning but my userid and password does not work. In other browsers, no security warning is given, but the authentication fails. Yet, if I use the IP address in the ProxyPass directives to go to the web page and then sign in, all is well. I assumed that Apache is passing all traffic back to the server unencrypted.



So, I am guessing that the data is getting mangled (somehow) in the ProxyPass directives so that Liferay cannot read the data. Is there another directive I need to add to the VirtualHost entry so that the data is passed unencrypted (or unmangled) to Liferay?



So, based on the post referenced above, when I go to http://www.mydomain.com I am redirected to https://www.mydomain.com which is properly hitting the http://192.168.20.200 server but the authentication fails. If I go directly to http://192.168.20.200 I can authenticate just fine. So somewhere in the https:// to http:// translation, something is getting hammered (I think).



Did I miss something in the VirtualHost directive that is messing up the authentication?




Thanks

No comments:

Post a Comment

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...