My fun for the evening was attempting to get the Openfire Console to behave behind an apache ProxyPass. The use case is that I can’t reach port 9090 due to firewall (I can’t change) and would like the OF admin console to appear at http://myserver/admin/
Anywhoooo, this doesn’t appear possible I found this JM-496 , whose patch doesn’t appear to work cleanly with SVN trunk?)
I am probably missing something obvious, so if a kind person could let me off the hook!
Did you ever find a solution? I’m trying the exact same solution.
I have found plenty of articles on how to proxy Jetty behind Apache, but it doesn’t work, it seems the page’s pathes are hard coded rather then relative so it keeps returning incorrect URLs.
If the default port 443 is not is use, you can use iptables to redirect all port traffic from port 80 to 9090 and port 443 to 9091. This means that the client is able to connect to admin console on standard http and https ports without manually defining ports in the url.
You want to connect via https because it is secure (even if you are using self-signed certificates) and will not send your password across the network unencrypted.
David,
I am thinking that you could just change the Admin Console Port in the server properties to listen on 80 and 443 without needed iptables at all.
My problem is I think I’m stuck needed to run Apache listening to 80 and 443 on the same ip address as openfire. So I’m back to using the apache mod_proxy module.
I just tried to get OF Admin working with ProxyPass, and like you said it doesn’t like the absolute URLs in most of the links.
Another approach would be to use mod_rewrite and match based on hostname, so you could still do it on a single IP and either define a separate virtual host for it, or just throw it in the default virtual host.
One thing to note with this configuration - You either have to have SNI support in Apache and all your clients, or make sure both names are in the certificate. Looks like in this example you’re using the same key/cert, but it might catch someone out if they use different certs.
It worked for me(made some changes to apache for another web app and now it doesn’t work), here we do not control DNS and are not “officially” allowed to use any chat client, yet some hire ups want it working.
So I needed the ability to run multiple websites/web apps behind apache when the client only has access to a couple ports on the server.
I know have it redirecting to https always, since we auth to AD in all our apps. Now I just have to get webadmin/openfire admin and sparkweb working again behind apache.
I had built the module, but probably just going to go to the latest version of apache for this.
I finally got the other 2 applications straightned out and I went back to get mod_proxy_html working with Apace and mod_proxy_html, I can get the login page, then I can get to the main page but after that it does not seem to be rewritting correctly… Darn if I can remember how I had it when it was working…