How to set up a proxy location for all paths except some with apache2?

peterp picture peterp · Apr 26, 2012 · Viewed 19.1k times · Source

I've got several webapps running on my webserver:

  • SVN Repository Browser, accessible via https://beta.mydomain.tld/svn/repos
  • Trac instance, accesible via https://beta.mydomain.tld/trac
  • My own java web application, accessible via http://beta.mydomain.tld/, using a Proxy for the local Apache Tomcat on port 8080

Please note that the first two are available via SSL, the third is not (yet). Now I need to make my web app available via https, but I want Trac and SVN Browser still to be accessible in their current location.

I.e. I am trying to configure apache2 to proxy all requests not starting with svn or trac to Tomcat.

For the existing SSL web apps, there's the following configuration

    <Location /svn/repos>
        DAV svn
        SVNParentPath /home/myuser/svn
        SVNListParentPath on
        AuthType Basic
        AuthName "Subversion repository"
        AuthUserFile /home/myuser/.htpasswd
        Require valid-user
    </Location>

    <Location /trac>
        SetHandler mod_python
        PythonHandler trac.web.modpython_frontend
        PythonOption TracEnvParentDir /home/myuser/trac
        PythonOption TracUriRoot /trac
        AuthType Basic
        AuthName "Trac"
        AuthUserFile /home/myuser/.htpasswd
        Require valid-user
    </Location>

I tried to add the following location, but it did not help anything...

    <Location />
        ProxyPass           http://localhost:8080
        ProxyPassReverse    http://localhost:8080/
    </Location>

For further information, here is the complete apache2 configuration regarding the SSL part (without any of my failed trials in it - I think it is default trac configuration):

<VirtualHost *:443>
    ServerAdmin webmaster@localhost
    ServerName beta.mydomain.tld:443

    DocumentRoot /var/www/
    <Directory /var/www/>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride None
            Order allow,deny
            allow from all
    </Directory>

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    <Directory "/usr/lib/cgi-bin">
            AllowOverride None
            Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
            Order allow,deny
            Allow from all
    </Directory>

    ErrorLog /var/log/apache2/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog /var/log/apache2/ssl_access.log combined

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
            Options Indexes MultiViews FollowSymLinks
            AllowOverride None
            Order deny,allow
            Deny from all
            Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

    SSLEngine on

    SSLCertificateFile    /etc/ssl/certs/ssl.crt
    SSLCertificateKeyFile /etc/ssl/private/ssl.key

    BrowserMatch ".*MSIE.*" \
            nokeepalive ssl-unclean-shutdown \
            downgrade-1.0 force-response-1.0

    <Location /svn/repos>
        DAV svn
        SVNParentPath /home/myuser/svn
        SVNListParentPath on
        AuthType Basic
        AuthName "Subversion repository"
        AuthUserFile /home/myuser/.htpasswd
        Require valid-user
    </Location>

    <Location /trac>
        SetHandler mod_python
        PythonHandler trac.web.modpython_frontend
        PythonOption TracEnvParentDir /home/myuser/trac
        PythonOption TracUriRoot /trac
        AuthType Basic
        AuthName "Trac"
        AuthUserFile /home/myuser/.htpasswd
        Require valid-user
    </Location>

Answer

user207421 picture user207421 · Apr 29, 2012

Just put ProxyPass ! into those two Location blocks. That stops proxying for the locations concerned.