Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Configuring

...

Apache

...

mod_proxy

...

with

...

Jetty

...

The

...

apache

...

web

...

server

...

is

...

frequently

...

used

...

as

...

a

...

server

...

in

...

front

...

of

...

a

...

servlet

...

container.

...


While

...

there

...

are

...

no

...

real

...

technical

...

reasons

...

to

...

front

...

Jetty

...

with

...

apache,

...

sometimes

...

this

...

is

...

needed

...


for

...

software

...

load

...

balancing,

...

or

...

to

...

fit

...

with

...

a

...

corporate

...

infrastructure,

...

or

...

simply

...

to

...

stick

...

with

...

a

...

known

...

deployment

...

structure.

...

There

...

are

...

3

...

main

...

alternative

...

for

...

connection

...

Apache

...

to

...

Jetty:

...

  1. Using

...

  1. apache

...

  1. mod_proxy

...

  1. and

...

  1. an

...

  1. normal

...

  1. Jetty

...

  1. HTTP

...

  1. connector.

...

  1. Using

...

  1. apache

...

  1. mod_proxy_ajp

...

  1. and

...

  1. the

...

  1. Jetty

...

  1. AJP

...

  1. connector.

...

  1. Using

...

  1. apache

...

  1. mod_jk

...

  1. and

...

  1. the

...

  1. Jetty

...

  1. AJP

...

  1. connector.

...

Using

...

the

...

HTTP

...

Connectors

...

is

...

greatly

...

preferred,

...

as

...

Jetty

...

performs

...

significantly

...

better

...

with

...

HTTP

...

and

...

the

...

AJP

...

protocol

...

is

...

poorly

...

documented

...

and

...

there

...

are

...

many

...

version

...

irregularities.

...

If

...

AJP

...

is

...

to

...

be

...

used,

...

the

...

then

...

mod_proxy_ajp

...

module

...

is

...

preferred

...

over

...

mod_jk.

...

Previously,

...

the

...

load

...

balancing

...

capabilities

...

of

...

mod_jk

...

meant

...

that

...

it

...

had

...

to

...

be

...

used

...

(tolerated),

...

but

...

with

...

apache

...

2.2,

...

mod_proxy_balancer

...

is

...

available

...

and

...

load

...

balance

...

over

...

HTTP

...

and

...

AJP

...

connectors.

...

mod_proxy

...

Apache

...

has

...

a

...

mod_proxy

...

module

...

available

...

for

...

almost

...

all

...

versions

...

of

...

apache.

...

However,

...

prior

...

to

...

apache

...

2.2,

...

only

...

reverse

...

proxy

...

features

...

were

...

available

...

and

...

mod_proxy_balancer

...

was

...

not

...

available

...

for

...

load

...

balancing.

...

Documentation

...

for

...

mod_proxy

...

is

...

available

...

for:

...

...

...

Configuration as a Reverse Proxy

The configuration file layout for apache varies greatly with version and distribution, but to configure mod_proxy as a reverse proxy, the follow configuration is key:

  1. Jetty needs to be configured with a normal HTTP connector, probably on port 8080 or similar.
  2. The proxy module (and other proxy extension used) must be loaded:
    Code Block
    
    LoadModule proxy_module modules/mod_proxy.so
    

...


  1. Apache 2.2

...

  1. normally

...

  1. bundles

...

  1. mod_proxy,

...

  1. mod_proxy_ajp

...

  1. and

...

  1. mod_proxy_balancer,

...

  1. so

...

  1. they

...

  1. often

...

  1. do

...

  1. not

...

  1. need

...

  1. to

...

  1. be

...

  1. installed

...

  1. separately.

...

  1. If

...

  1. they

...

  1. are

...

  1. separately

...

  1. bundled

...

  1. by

...

  1. your

...

  1. operation

...

  1. system

...

  1. (eg

...

  1. as

...

  1. RPMs

...

  1. or

...

  1. debians)

...

  1. ensure

...

  1. that

...

  1. they

...

  1. are

...

  1. installed.

...

  1. Forward

...

  1. proxy

...

  1. needs

...

  1. to

...

  1. be

...

  1. turned

...

  1. off:

...


  1. Code Block
    
    ProxyRequests Off
    
    <Proxy *>
    Order deny,allow
    Allow from all
    </Proxy>
    

...

  1. Reverse proxy paths must be configured with URL of the jetty server:
    Code Block
    
    ProxyPass /test http://localhost:8080/test
    

...

  1. Frequently apache documentation will instruct that ProxyPassReverse configuration be used so that apache can rewrite any URLs in headers etc. However, if you use the ProxyPreserveHost configuration, Jetty can generate the correct URLs and they do not need to be rewritten:
    Code Block
    
    ProxyPreserveHost On
    
    Alternatively, since Jetty 6.1.10,

...

  1. instead

...

  1. of

...

  1. preserving

...

  1. the

...

  1. host

...

  1. and

...

  1. to

...

  1. retrieve

...

  1. the

...

  1. client

...

  1. remote

...

  1. address

...

  1. in

...

  1. the

...

  1. webapp

...

  1. (

...

  1. ServletRequest#getRemoteAddr()

...

  1. )

...

  1. you

...

  1. can

...

  1. use

...

  1. the

...

  1. forwarded

...

  1. property

...

  1. on

...

  1. AbstractConnector

...

  1. which

...

  1. interprets

...

  1. the

...

  1. mod_proxy_http

...

  1. "x-forwarded-"

...

  1. headers

...

  1. instead:
    Code Block
    
    <Configure id="Server" class="org.mortbay.jetty.Server">
      ...
      <Call name="addConnector">
        <Arg>
          <New class="org.mortbay.jetty.nio.SelectChannelConnector">
            <Set name="port">8080</Set>
            <Set name="forwarded">true</Set>
          </New>
        </Arg>
      </Call>
      ...
    </Configure>
    

...

  1. Or,

...

  1. to

...

  1. force

...

  1. the

...

  1. result

...

  1. of

...

  1. ServletRequest#getServerName()

...

  1. and

...

  1. ServletRequest#getServerPort()

...

  1. (if

...

  1. headers

...

  1. are

...

  1. not

...

  1. available):

...

  1. Code Block

...

  1. 
    <Configure id="Server" class="org.mortbay.jetty.Server">
      ...
      <Call name="addConnector">
        <Arg>
          <New class="org.mortbay.jetty.nio.SelectChannelConnector">
            <Set name="port">8080</Set>
            <Set name="forwarded">true</Set>
            <Set name="hostHeader">example.com:81</Set>
          </New>
        </Arg>
      </Call>
      ...
    </Configure>
    

...


  1. It is also very useful to turn on proxy status monitoring (see management below):
    Code Block
    
    ProxyStatus On
    

...

Proxying SSL on Apache to HTTP on Jetty

The situation here is:

Code Block

  https                 http
--------->   Apache   -------> Jetty

If

...

you

...

want

...

to

...

offload

...

the

...

SSL

...

onto

...

Apache,

...

and

...

then

...

use

...

plain

...

http

...

requests

...

to

...

your

...

Jetty

...

backend,

...

you

...

need

...

to

...

configure

...

Jetty

...

to

...

use

...

https://

...

in

...

all

...

redirected

...

requests.

...

You

...

can

...

do

...

that

...

by

...

extending

...

the

...

Connector

...

class

...

of

...

your

...

choice,

...

eg

...

the

...

SelectChannelConnector,

...

and

...

implement

...

the

...

customize(EndPoint,

...

Request)

...

method

...

to

...

force

...

the

...

scheme

...

of

...

the

...

Request

...

to

...

be

...

https

...

like

...

so

...

(

...

don't

...

forget

...

to

...

call

...

super.customize(endpoint,request)!

...

):

...

}
Code Block
public void customize(org.mortbay.io.EndPoint endpoint, Request request) throws IOException
{
        request.setScheme("https");
        super.customize(endpoint, request);
}
{code}

h2. 

mod_proxy_balancer

...

With

...

apache

...

2.2

...

mod_proxy

...

is

...

able

...

to

...

use

...

the

...

extension

...

mod_proxy_balancer

...

Configuration

The configuration of mod_proxy_balancer

...

is

...

similar

...

to

...

pure

...

mod_proxy,

...

except

...

that

...

balancer://

...

URLs

...

may

...

be

...

used

...

as

...

a

...

protocol

...

instead

...

of

...

http://

...

when

...

specifying

...

destinations

...

(workers)

...

in

...

ProxyPass

...

elements.

...


Code Block
# map to cluster with session affinity (sticky sessions)
ProxyPass /balancer !
ProxyPass / balancer://my_cluster/ stickysession=jsessionid nofailover=On

<Proxy balancer://my_cluster>
    BalancerMember http://yourjetty1:8080 route=jetty1
    BalancerMember http://yourjetty2:8080 route=jetty2
</Proxy>
{code}\\
*Proxy 


Proxy balancer://

...

-

...

defines

...

the

...

nodes

...

(workers)

...

in

...

the

...

cluster.

...

Each

...

member

...

may

...

be

...

a

...

http://

...

or

...

ajp://

...

URL

...

or

...

another

...

balancer://

...

URL

...

for

...

cascaded

...

load

...

balancing

...

configuration.

...


If

...

the

...

worker

...

name

...

is

...

not

...

set

...

for

...

the

...

Jetty

...

servers,

...

then

...

session

...

affinity

...

(sticky

...

sessions)

...

will

...

not

...

work.

...

The

...

JSESSIONID

...

cookie

...

must

...

have

...

the

...

format

...

<sessionID>.<worker

...

name>

...

,

...

in

...

which

...

worker

...

name

...

has

...

the

...

same

...

value

...

as

...

the

...

route

...

specified

...

in

...

the

...

BalancerMember

...

above

...

(in

...

this

...

case

...

"jetty1"

...

and

...

"jetty2").

...

See

...

this

...

article

...

for

...

details.

...

The

...

following

...

can

...

be

...

added

...

to

...

the

...

jetty-web.xml

...

in

...

the

...

WEB-INF

...

directory

...

to

...

set

...

the

...

worker

...

name.

...

}
Code Block
<Configure class="org.mortbay.jetty.webapp.WebAppContext">
  <Get name="sessionHandler">
    <Get name="sessionManager">
      <Call name="setIdManager">
        <Arg>
          <New class="org.mortbay.jetty.servlet.HashSessionIdManager">
            <Set name="WorkerName">jetty1</Set>
          </New>
        </Arg>
      </Call>
    </Get>
  </Get>
</Configure>
{code}

h2. Management

Apache provide [mod_status|http://httpd.apache.org/docs/2.2/mod/mod_status.html] and [Balancer Manager Support|http://httpd.apache.org/docs/2.2/mod/mod_proxy_balancer.html#enable] so that the status of the proxy and balancer can be viewed on a web page.   The following configuration enables these UIs at /balancer and /status URLs:
{code}

Management

Apache provide mod_status and Balancer Manager Support so that the status of the proxy and balancer can be viewed on a web page. The following configuration enables these UIs at /balancer and /status URLs:

Code Block
<Location /balancer>
SetHandler balancer-manager

Order Deny,Allow
Deny from all
Allow from all
</Location>


ProxyStatus On
<Location /status>
SetHandler server-status

Order Deny,Allow
Deny from all
Allow from all
</Location>
{code}

These

...

UIs

...

should

...

be

...

protected

...

from

...

external

...

access.

Contact the core Jetty developers at www.webtide.com
private support for your internal/customer projects ... custom extensions and distributions ... versioned snapshots for indefinite support ... scalability guidance for your apps and Ajax/Comet projects ... development services from 1 day to full product delivery