Feature request for Wildfire and SparkWeb

I have a feature request for the administration console of Wildfire, as well as SparkWeb. Could you guys please look into a way to make them more easily proxyable with Apache? Since many firewalls block ports other than 80 and 443 (and I like to run web applications across encrypted channels anyway), I prefer to make it possible to access all these different services through an apache instance. This gives consistency for me and my users. However, when it comes to Wildfire and SparkWeb, the paths are incredibly difficult to map with ProxyPass and ProxyPassReverse (unless I’‘m doing them incorrectly). I’'d like to be able to do this without extremely complex rewrite rules, and without having to modify the source of the Wildfire servlets each time.

Anyway, if you could look into it, I think that would be awesome. As an example, I’'m trying to do this:

ProxyPass /sparkweb http://myserver.com:8080/sparkweb

ProxyPassReverse /sparkweb http://myserver.com:8080/sparkweb

This lets me get to the SparkWeb page, but it’'s not possible to login. It looks like some of the settings are simply fetched from Wildfire, but this makes it difficult to make the stuff accessible anywhere other than the default. Thanks! If anyone else has a better way to do these things, please reply to this thread as well.

How the paths are setup now you need to setup another rewrite:

ProxyPass /sparkweb http://myserver.com:8080/sparkweb

ProxyPassReverse /sparkweb http://myserver.com:8080/sparkweb

ProxyPass /http-bind http://myserver.com:8080/http-bind

ProxyPassReverse /http-bind http://myserver.com:8080/http-bind

I would prefer one rewrite and attempting to figure out if there is a way to do this in the current Wildfire setup, hopefully we will have something simpler in the final release. In the least good documentation on how to do it.

Hi,

opening port 80 or 443 requires at least on unix special privileges and I don’'t want to run Wildfire as root. On linux one has iptables to map ports.

I use Squid instead of Apache as a reverse-proxy but I did not test if it works fine also with sparkweb.

LG

That was just an example for the sparkweb portion. I have one for http-bind too, but I just didn’‘t put it into the post. However, it still doesn’'t work.

Huh? I’‘m not sure where the discussion about port 80 and 443 came from. I have apache listening on 80 and 443, and since all the associated services here use HTTP, it makes sense to just proxy the requests. The problem seems to be that some things are based on absolute paths, others on relative, etc., and what’‘s being loaded may or may not be able to be proxied without a ton of additional proxy or rewrite rules. At least, that’‘s how I’‘m seeing it so far. As an example, I’‘m trying to place SparkWeb where it’‘s only available via an encrypted channel, but the JavaScript for SparkWeb is hard-coded to connect to foxybanana.com. So, it doesn’'t work properly.

I guess what I’‘m saying is, and this is for the admin console as well as SparkWeb, sometimes the HTML will link to a file based on a relative path (maybe images/wildfire.jpg or something, for the sake of discussion). But, within the same HTML file, there might be something linking to /someScript.jsp. Depending on how I’‘ve set up the proxy rules (and which proxy rules I have to begin with), that may break the proxy. I’‘d need a specific rule for that, and it may break other things I have on the server. Then, especially when it comes to the XmlHttpRequest stuff, there may be something hard-coded to connect to a specific server/port (like http://foxybanana.com:8080). Once I’‘ve proxied everything, I want it to go somewhere else, but I don’‘t seem to be able to change it since it’'s internal to Wildfire.

Anyway, enough of my rambling. It’‘s just frustrating because I can’‘t think of a good way to do this, and I’‘m assuming that the web development portion was done without anyone actually thinking about these types of situations. But due to restrictive firewalls at work, schools, all of those types of things, it’‘s just not feasible for me to only be able to run these services on these different ports. I’‘m sure I’'m not the only one. Thanks!

That is unusual as far as I know there are no absolute URLs in there. On jivesoftware.com, we are using the sparkweb plugin and only have the two redirects specified. All resources are relative to sparkweb… http://server:port/sparkweb/resources/images/ and http://server:port/sparkweb/resources/javascript/. A relative URL is specified to connect to http-binding /http-bind/ in the javascript that is loaded.

Alex