How to run OWL behind a Reverse Proxy server#

Introduction#

This page describes how OWL can be tweaked to run behind a Reverse Proxy server.
Some advantages of this setup are:
  • For HTTP communication, only port 80 needs to be open in the firewall. This is nice if you have
more web applications running besides OWL.
  • Your Wonderland URL can be more user-friendly, like http://<domainname>/wonderland
  • If your OWL server is down, the Reverse Proxy server can show a user-friendly error page.
The following sections describe what changes have to be made.

Environment property#

Add the following environment property to your startup command:
-Dwonderland.web.server.url=http://<domainname>/wonderland

JNLP file#

Tweak the JNLP file in web/webstart/web.
<jnlp spec="1.0+"
  codebase="http://<domain name>/wonderland/wonderland-web-front/app/"
  href="Wonderland.jnlp">

Java source files#

Tweak the following Java source files:
  • WonderlandSessionImpl:
        Properties connectProperties = new Properties();
        connectProperties.setProperty("host", "<domainname>");
//      connectProperties.setProperty("host", server.getHostname());
  • AuthenticationServiceImpl:
        this.authUrl = authUrl;
        authUrl = "http://<domainname>/wonderland/security-session-noauth/security-session-noauth/identity";
  • ServerSessionManager:
    public String getServerNameAndPort() {
        try {
            URL tmpURL = new URL(serverURL);
            String server = tmpURL.getHost();
            if (tmpURL.getPort() != -1) {
                server = server + ":" + tmpURL.getPort();
            }
            server = "<domainname>";
  • SasXrwProviderMain:
        // read the server URL property
        serverUrl = System.getProperty("wonderland.web.server.url", "http://<domainname>/wonderland");
//        serverUrl = System.getProperty("wonderland.web.server.url", "http://localhost:8080");

Apache configuration in httpd.conf#

Add the following settings to your Apache configuration:
ProxyPass /wonderland/wonderland-web-front/admin http://localhost:8080/wonderland/
ProxyPass /wonderland http://localhost:8080
ProxyPass /webdav/ http://localhost:8080/webdav/
ProxyPass /wonderland-web-front/ http://localhost:8080/wonderland-web-front/
ProxyPass /wonderland-web-wfs/ http://localhost:8080/wonderland-web-wfs/
ProxyPass /wonderland-web-modules/ http://localhost:8080/wonderland-web-modules/
ProxyPass /wonderland-web-checksums/ http://localhost:8080/wonderland-web-checksums/
ProxyPass /wonderland-web-runner/ http://localhost:8080/wonderland-web-runner/
ProxyPass /wonderland-web-asset/ http://localhost:8080/wonderland-web-asset/
ProxyPass /security-session-noauth/ http://localhost:8080/security-session-noauth/
ProxyPass /security-groups/ http://localhost:8080/security-groups/
ProxyPass /xapps-config/ http://localhost:8080/xapps-config/

ProxyPassReverse /wonderland http://localhost:8080
ProxyPassReverse /webdav/ http://localhost:8080/webdav/
ProxyPassReverse /wonderland-web-front/ http://localhost:8080/wonderland-web-front/
ProxyPassReverse /wonderland-web-wfs/ http://localhost:8080/wonderland-web-wfs/
ProxyPassReverse /wonderland-web-modules/ http://localhost:8080/wonderland-web-modules/
ProxyPassReverse /wonderland-web-checksums/ http://localhost:8080/wonderland-web-checksums/
ProxyPassReverse /wonderland-web-runner/ http://localhost:8080/wonderland-web-runner/
ProxyPassReverse /wonderland-web-asset/ http://localhost:8080/wonderland-web-asset/
ProxyPassReverse /security-session-noauth/ http://localhost:8080/security-session-noauth/
ProxyPassReverse /wonderland/security-groups/ http://localhost:8080/security-groups/
ProxyPassReverse /wonderland/xapps-config/ http://localhost:8080/xapps-config/

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-1) was last changed on 12-Dec-2010 00:03 by Hans Beemsterboer