4.7.2 How to set directives
The following example describes the settings for each directive that sets the reverse proxy.
Each address is as follows:
Reverse proxy: www.example.com
Backend server: backend.example.com
- Organization of this subsection
(1) Reallocating the request URL and the request header
If you set the ProxyPass directive as shown below, the request http://www.example.com/news/oct-2001 received from client changes to the request http://backend.example.com/oct-2001:
ProxyPass /news/ http://backend.example.com/
The Host:Header is reallocated from "Host:www.example.com" to "Host:backend.example.com". After that, the reverse proxy sends the response from the backend server to the client.
(2) Reallocating the response header
If a Redirect directive is executed from a backend server and the directive uses an image map or contains a directory request that does not end with a forward slash (/), the Location header in the backend server response will contain the backend server address. If the response is sent to the client as is, the client will request a redirect from the backend server directly, instead of from the reverse proxy. As a result, you must specify the ProxyPassReverse directive as follows, so that the redirect request also passes through the reverse proxy:
ProxyPassReverse /news/ http://backend.example.com/
The location header is changed to the reverse proxy address.
(3) Reassigning the Set-Cookie header
The domain name and path name are sometimes placed in a Set-Cookie header that is returned to the client from the backend server. By doing so, cookies are sent by the client only when the request matches the domain name and the path name in the Set-Cookie header.
Examples of when the Set-Cookie header is reassigned and when the Set-Cookie header is not reassigned are explained below.
-
Example of not reassigning the Set-Cookie header
The figure below illustrates an example of a reverse proxy sending a Set-Cookie header with a domain name and path name response from the backend server to the client as is. Note that the numbers in the following figure correspond to the explanation below.
Figure 4‒9: Example of not reassigning the Set-Cookie header -
The client sends an http://www.example.com/front/cgi-bin/test-cgi.pl request to the reverse proxy.
-
The reverse proxy converts the URL, and then forwards it to the backend server.
-
The reverse proxy receives a Set-Cookie header from the backend server in which the domain name is set to domain=backend.example.com, and the path name is set to path=/cgi-bin/.
-
The reverse proxy returns the Set-Cookie header received from the backend server to the client as is.
In the above case, the client does not send the cookie received from the Set-Cookie header when the client sends a request to anything at or below /front/cgi-bin/ via the reverse proxy. This is because the domain name in the Set-Cookie header received by the client is backend.example.com, but the domain name of the reverse proxy is www.example.com. In the same way, the path names will also not match.
-
-
Example of reassigning the Set-Cookie header
The HWSProxyPassReverseCookie directive must be specified for a client to receive a cookie sent via the Set-Cookie header from the backend server. The figure below shows an example of reassigning the Set-Cookie header by specifying the HWSProxyPassReverseCookie directive. Note that the numbers in the following figure correspond to the explanation below.
Figure 4‒10: Example of reassigning the Set-Cookie header -
The client sends an http://www.example.com/front/cgi-bin/test-cgi.pl request to the reverse proxy.
-
The reverse proxy converts the URL, and then forwards it to the backend server.
-
The reverse proxy receives a Set-Cookie header from the backend server in which the domain name is set to domain=backend.example.com and the path name is set to path=/cgi-bin/.
-
The reverse proxy returns the reassigned Set-Cookie header to the client.
In the above case, the client receives a Set-Cookie header whose path name (/front/cgi-bin/) matches the beginning of the path in the request URL (/front/cgi-bin/test-cgi.pl). Also, there was no domain name in the Set-Cookie header received by the client. This is essentially the same as the domain name of the URL requested by the client (www.example.com) being specified in the Set-Cookie header. As such, cookies set by the Set-Cookie header can be sent with requests that go through reverse proxies to get to backend servers.
-