On Wed, 25 Aug 2004, Andr� F�chsel wrote:
There is no public domain name, since squid is placed in DMZ and the JBoss server is placed behind a firewall in the user LAN. It can only be reached by using IP-Addresses. Why is it bad to use IP-Addresses? Should be transparent, shouldn't it? But I can of course place the IP in /etc/hosts...
So your users are supposed to enter the IP address in their browsers?
Yes, the actual IP of the server needs to go into /etc/hosts.
But the problem with the port still remains. I cannot use port 80, so I must use a different port internally (8100).
Then you need to fix the server to think it is using port 80 while listening for requests on port 8100, or take great care to make sure the server never ever makes use of the port number when constructing URLs sent to the client.
This means
- No redirects (3xx responses)
- No HTML code where the application renders absolute URLs
- No other assumptions about absolute URLs in the application.
I thought squid can be configured pretty much the same way like Apache's mod_proxy module. Here you can configure very easily what I want:
ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy>
ProxyPass /myapp http://10.0.10.102:8100/myapp ProxyPassReverse /myapp http://10.0.10.102:8100/myapp
Squid does not have a equivalence ProxyPassReverse, and even if it had this also only solves one small facet of the problem at hand.
Any hints would be very much appreciated, I am out of options now. I rewally don't know, what to do now.
I would probably agree here.. you seem to be stuck with an environment inherently unfriendly to what you are trying to accomplish, making things several orders of magnitude more complext than they need to be.
Regards Henrik
