1

My requirement is quite simple. I have a forward proxy in Apache and clients send SOAP calls to this forward proxy. This proxy needs to be able to rewrite the URL to something else, and forward the request yet another proxy.

This is my configuration so far:

<Proxy *>
Order Allow,Deny
Allow from all

RewriteEngine  on
RewriteRule    "^(.*)"  "https://test.salesforce.com/services/Soap/u/20.0"  [P]

</Proxy>

AllowCONNECT 80 443 553 22


# This is the main proxy configuration
ProxyPass /Salesforce http://user:[email protected]:80/ retry=1 acquire=3000 timeout=600 Keepalive=On
ProxyPassReverse /Salesforce http://user:[email protected]:80/

I am not sure if my rewrite rule is at all correct. Can any you please confirm?

Improve this question

1 Answer 1

Reset to default
1

The configuration looks so very ugly and I'm not sure what you are trying to do, but still, it really looks as you are just trying to reverse proxy, not forward proxy, I'll try to help with the mistakes anyways the best I can.

The Rewrite, if you are trying to capture a group, I guess you want to use it later:

RewriteRule ^(.*) https://test.salesforce.com/services/Soap/u/20.0/$1  [P,L]

But why a Rewrite?, you are using the P flag, which is used to proxy, what you are trying there is not a rewrite, this a reverse proxy, so why not just:

ProxyPass / https://test.salesforce.com/services/Soap/u/20.0/

AllowConnect, this is to allow SSL forward proxy connections, why do you specify port 80? You want them to go through SSL too? Looks very wrong.

AllowCONNECT 443 553 22

And about your last directives, you need to match slashes for them to work correctly, and also reverse proxy connections should be specified more specific first. First, make sure you do want a forward proxy, but in a forward proxy you can allow/disallow a backend but you don't specify backends, if you specify the backend that is a reverse proxy:

This is briefly what I would go for interpreting what you want, removing all forward proxy related directives:

ProxyPass /Salesforce/ http://user:[email protected]/ retry=1 acquire=3000 timeout=600 Keepalive=On
ProxyPassReverse /Salesforce/ http://10.54.167.70/

SSLProxyEngine on
ProxyPass / https://test.salesforce.com/services/Soap/u/20.0/
ProxyPassReverse / https://test.salesforce.com/services/Soap/u/20.0/

This answer could be refined if you can specify further the "forward proxy" part you mention.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thanks @ezra-s . Actually my use case is much more complex than this. Let me explain it to you: I have a very old application that sends requests to a corporate proxy. Because of some security constraint mandated by the company, this application now needs to send the request to a man-in-the-middle proxy and that one needs to forward it to the corporate proxy. So the application sends the SOAP request to forward proxy, it then rewrites the URL to the target URL (which is in the cloud) and the corporate proxy sends to the cloud. Hope this helps
So, basically, "test.salesforce.com/services/Soap/u/20.0" is my end URL. But the application needs to publish the request to URL A (forward proxy), that then forward to URL B (corporate proxy) and then sends to salesforce. Thanks!

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.