I have a Apache server running 2.4.6, Tomcat 8.5.33 running lucee.
We have rewrite rules that proxy to AJP on port 8009.
ProxyPassReverse / ajp://localhost:8009/ timeout=3600
RewriteEngine On
# Rewrite sitemap
RewriteRule ^/sitemap\.txt$ ajp://localhost:8009/sitemap/index.cfm?format=txt [P]
RewriteRule ^/sitemap\.xml$ ajp://localhost:8009/sitemap/index.cfm [P]
I need to implement the secret and am able to setup in server.xml without issue, but having a hard time finding out how I pass the secret via the rewrite rule???
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" maxThreads="400" requiredSecret="PasswordGoesHere!" />
Anyone have an idea on how I can pass the secret???
Thanks Grant
The answer is unfortunately: You can't, unless you upgrade to some later Apache2 version that supports the secret flag in mod_proxy_ajp, and even then I don't quite understand how to pass the flag using a RewriteRule.
I have some machines with Debian 9, Apache2 2.4.25-3+deb9u9 and Tomcat8 8.5.54-0+deb9u. There was a defect filed in the debian bugs list (see https://www.mail-archive.com/[email protected]/msg561495.html), but this was closed as working as intended - they are not going to backport the patch to 2.4.25, so with your 2.4.6 you are definitely out of luck with getting this combination to work with a secret set.
The only solution to the problem would be to set secretRequired="false" in the connector configuration of your Tomcat's server.xml.
With mod_proxy_ajp (cfr. https://httpd.apache.org/docs/trunk/mod/mod_proxy_ajp.html) you just add "?secret=XXX" to the rewritten path of the ProxyPass directive. I've never used a rewriterule to address Tomcat.
Caveat: ?secret 0x0C String Supported since 2.4.42