Skip to Content
0

URL forwarding in SAP Web dispatcher to Non SAP Server i.e Apache server

Jul 14, 2017 at 10:38 AM

301

avatar image
Former Member

Hi Experts,

We have a SAP Web dispatcher installed in our landscape and a Web AS system as its backend. Our backend systems is initially configured with the below parameters :

rdisp/mshost = XXXWAST1

ms/http_port = 81XX

Now we have an External Apache server installed and we need to forward the requests coming on https://abc.com/testservice to http://<Apache IP Addr>/testservice

So I have made the below the parameter changes :

#rdisp/mshost = XXXWAST1

#ms/http_port = 81XX

Hashed out above 2 parameters.

Inserted below 3 parameters :

1. wdisp/system_conflict_resolution = 1

2. wdisp/system_0 = SID=EXT, EXTSRV= , SRCSRV= abc.com:80; abc.com:443, SRCURL=/testservice

3. wdisp/system_1 = SID=WAS, MSHOST=XXXWAST1, MSPORT=81XX, SRCURL=/

And ports are configured as below :

#-------------- # SAP Web Dispatcher(SWD) Ports #----------------------

icm/server_port_0 = PROT=HTTP,PORT=80,EXTBIND=1,HOST=SWD,TIMEOUT=10,PROCTIMEOUT=300

icm/server_port_1 = PROT=HTTPS,PORT=443,EXTBIND=1,HOST=SWD,TIMEOUT=10,PROCTIMEOUT=300

--> But still it doesn't seem to be working, SSL is configured only on our Web Dispatcher and PROT is maintained to HTTPS in the parameter icm/server_port_1 instead of ROUTER, but still no luck.

-> Also if we see the requirement the forwarding has to be done from https://abc.com/testservice to http://<Apache IP Addr>/testservice, but the parameter wdisp/system_0 has the provision to mention SRCURL=/testservice but no such provision as EXTURL where the internal URL prefixes can also be mentioned !! Is there any other way to achieve this ??

Thanks in Advance !!

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Isaias Freitas
Jul 14, 2017 at 09:23 PM
0

Hello Srikanth,

Can you please be more specific on how the parameter wdisp/system_0 is being defined?

I mean, what is being added to the EXTSRV argument?

You would need to put something like "EXTSRV=http://hostname.from.apache".

If the Apache is not listening on the default HTTP port (80), then you need to specify the port too.

For example, if the port is 8000:

EXTSRV=http://hostname.from.apache:8000

Regards,

Isaías

Show 4 Share
10 |10000 characters needed characters left characters exceeded
Former Member

Hello Isaias,

Thanks for responding !! Thats a typo.. missed the apache IP there :

wdisp/system_0 = SID=EXT, EXTSRV= , SRCSRV= XXXXX.YYYY.com:80; XXXXX.YYYY.com:80:443, SRCURL=/

Apache is also running on the default port 80.

Regards,

Srikanth G

0

Hello Srikanth,

So, the complete parameter looks like this?

wdisp/system_0 = SID=EXT, EXTSRV=http://IP.FROM.APACHE, SRCSRV=XXXX.YYYY.com:80;XXXX.YYYY.com:443, SRCURL=/

Where "XXXX.YYYY.com" would be the Web Dispatcher hostname.

Regards

Isaías

0
Former Member

Hello Isaias,

I have maintained the parameter in the same way but XXXX.YYYY.com is not maintained as the hostname of the webdiptcher but it is actually maintained as abc.com i.e.

1. wdisp/system_conflict_resolution = 1

2. wdisp/system_0 = SID=EXT, EXTSRV=http://IP.FROM.APACHE, SRCSRV= abc.com:80; abc.com:443, SRCURL=/testservice

3. wdisp/system_1 = SID=WAS, MSHOST=XXXWAST1, MSPORT=81XX, SRCURL=/

This is not forwarding the request as desired, later I tried removing SRCSRV leaving it to default as below :

wdisp/system_conflict_resolution = 1

wdisp/system_0 = SID=EXT, EXTSRV=http://IP.FROM.APACHE, SRCURL=/testservice

wdisp/system_1 = SID=WAS, MSHOST=XXXWAST1, MSPORT=81XX, SRCURL=/

But this time it gives below error :

error.png

Attaching the complete profile parameters, can you please suggest :

SAPSYSTEMNAME = SID

SAPSYSTEM = XX

INSTANCE_NAME = WXX

DIR_CT_RUN = $(DIR_EXE_ROOT)/run

DIR_EXECUTABLE = $(DIR_CT_RUN)

#----------------------------------------------------------------------- # Accesssability of Message Server #----------------------------------------------------------------------- #rdisp/mshost = XXXWAST1 #ms/http_port = 81XX #----------------------------------------------------------------------- # Configuration for medium scenario #----------------------------------------------------------------------- icm/max_conn = 16384

icm/max_sockets = 32768

wdisp/HTTP/max_pooled_con = 1000

wdisp/HTTPS/max_pooled_con = 1000

icm/req_queue_len = 8000

icm/min_threads = 100

icm/max_threads = 350

mpi/total_size_MB = 700

mpi/max_pipes = 20500

wdisp/HTTP/use_pool_for_new_conn = 1

icm/listen_queue_len = 1024

#icm/conn_timeout = 10000

#ssl/server_cache_size = 25000

#ssl/server_cache_lifetime = 1800

###Undocumented Parameters########################

icm/ssl_block_timeout = 30 icm/conn_local = FALSE

#---------------------------------------------------------------------- #CR1193 e-Solver Increase Web Dispatcher SSL cache #---------------------------------------------------------------------- ssl/server_cache_size = 25000 ssl/server_cache_lifetime = 1800 #---------------------------------------------------------------------- #Web Content Caching #--------------------------------------------------------------icm/HTTP/server_cache_0/expiration=14400 icm/HTTP/server_cache_1/expiration=14400 icm/HTTP/server_cache_2/expiration=14400 icm/HTTP/server_cache_3/expiration=14400 icm/HTTP/server_cache_4/expiration=14400 icm/HTTP/server_cache_5/expiration=14400 icm/HTTP/server_cache_6/expiration=14400 icm/HTTP/server_cache_7/expiration=14400 icm/HTTP/server_cache_8/expiration=14400 icm/HTTP/server_cache_9/expiration=14400

icm/HTTP/server_cache_0 = PREFIX=/sshf/images/,CACHEDIR=/webcache/sshf

icm/HTTP/server_cache_1 = PREFIX=/b2c_xxx/b2c/productRegistration/images/,CACHEDIR=/webcache/prg icm/HTTP/server_cache_2 = PREFIX=/b2c_xxx/b2c/productRegistration/js/,CACHEDIR=/webcache/prg/js icm/HTTP/server_cache_3 = PREFIX=/b2c_xxx/b2c/productRegistration/css/,CACHEDIR=/webcache/prg/css icm/HTTP/server_cache_4 = PREFIX=/b2c_xxx/b2c/productRegistration/flash/,CACHEDIR=/webcache/prg/flash icm/HTTP/server_cache_5 = PREFIX=/crm/productreg/,CACHEDIR=/webcache/crm

icm/HTTP/server_cache_6 = PREFIX=/products/store/images/,CACHEDIR=/webcache/products icm/HTTP/server_cache_7 = PREFIX=/b2c_xxx/b2c/js/,CACHEDIR=/webcache/b2c

icm/HTTP/server_cache_8 = PREFIX=/ps-web/js/,CACHEDIR=/webcache/psweb

icm/HTTP/server_cache_9 = PREFIX=/products/store/utf8/,CACHEDIR=/webcache/products/header

#--------------------------------------------------------------------- #Trace logging #---------------------------------------------------------------- rdisp/TRACE_LOGGING = on, 200 m

#rdisp/TRACE = 3

#rdisp/TRACE_PATTERN_0 = "sl23_get"

#rdisp/TRACE_PATTERN_1 = "NO_SSL" #rdisp/TRACE_PATTERN_2 = "BAD_NI"

#rdisp/TRACE_PATTERN_3 = "BlockedThreads"

#---------------------------------------------------------------------- # Error Handling #-------------------------------------------------------------#is/HTTP/show_detailed_errors = FALSE

#icm/HTTP/error_templ_path =/usr/sap/SID/WXX/data/icmerror

#----------------------------------------------------------------- #ICM administration #-------------------------------------------------------------icm/HTTP/admin_0 = PREFIX=/sap/admin,DOCROOT=/sapmnt/SID/profile/admin,AUTHFILE=/sapmnt/SID/profile/admin/icmauth.txt #CLIENTHOST=10.100.2.129

#----------------------------------------------------------------------- # Configuration for http access log(add source ip detect) #--------icm/HTTP/logging_0 = PREFIX=/, LOGFILE=access_log-%y-%m-%d, SWITCHTF=day, LOGFORMAT=%{X-Forwarded-For}i %h %l %u %t "%r" %s %b %L

icm/HTTP/logging_client_0 = PREFIX=/, LOGFILE=client_access_log-%y-%m-%d, SWITCHTF=day

#----------------------------------------------------------------------- # SAP Web Dispatcher Ports #-------------------------------------------- icm/server_port_0 = PROT=HTTP,PORT=80,EXTBIND=1,HOST=SID,TIMEOUT=10,PROCTIMEOUT=300 icm/server_port_1 = PROT=HTTPS,PORT=443,EXTBIND=1,HOST=SID,TIMEOUT=10,PROCTIMEOUT=300 icm/server_port_2 = PROT=HTTP,PORT=9000,TIMEOUT=10,PROCTIMEOUT=300

#------------------------- # Added for HTTPS #------------------------- #

DIR_INSTANCE=/usr/sap/SID/secudir

ssl/ssl_lib=/usr/sap/SID/secudir/libsapcrypto.so

ssl/server_pse=/usr/sap/SID/secudir/WDP_DP1.pse

ssl/client_pse=/usr/sap/SID/secudir/WDP_DP1.pse

#ssl/server_pse=/usr/sap/SID/secudir/WDP_SID.pse

#ssl/client_pse=/usr/sap/SID/secudir/WDP_SID.pse

wdisp/ssl_encrypt=0

wdisp/add_client_protocol_header=true

icm/HTTPS/verify_client = 0

#ssl/ciphersuites=135:HIGH

ssl/ciphersuites=135:PFS:HIGH:TLS_FALLBACK_SCSV:!e3DES

ssl/client_ciphersuites=144:HIGH

#------------------------- # URL Filter #-------------------------

#wdisp/permission_table = /sapmnt/SID/profile/ptabfile,

wdisp/system_conflict_resolution = 1

wdisp/system_0 = SID=EXT, EXTSRV=http://<Apache.Ip.Addr>, SRCURL=/testservice

wdisp/system_1 = SID=WAS, MSHOST=XXXWAST1, MSPORT=81XX, SRCURL=/

#------------------------- # HTTP Redirect #------------------------- #

#icm/HTTP/redirect_0 = PREFIX=/, FROM=*, FOR= , HOST= abc.com

#icm/HTTP/redirect_1 = PREFIX=/, FROM=*, FOR=XXX.XXX.XXX.XXX, HOST=abc.com

# # HTTP to HTTPS

icm/HTTP/redirect_0 = PREFIX=/products/vaio/app/backend, FROM=*, FROMPROT=http, PROT=https, HOST= abc.com icm/HTTP/redirect_1 = PREFIX=/b2c_xxx, FROM=*, FROMPROT=http, PROT=https, HOST= abc.com icm/HTTP/redirect_2 = PREFIX=/dws, FROM=*, FROMPROT=http, PROT=https, HOST= abc.com icm/HTTP/redirect_3 = PREFIX=/, FROM=/b2c_xxx/admin*, TO=/ find-none.htm icm/HTTP/redirect_4 = PREFIX=/myxxx/seminar/app/ member_login.do, FROM=*, FROMPROT=http, PROT=https, HOST= abc.com icm/HTTP/redirect_5 = PREFIX=/myxxx/seminar/app/ login.do, FROM=*, FROMPROT=http, PROT=https, HOST= abc.com icm/HTTP/redirect_6 = PREFIX=/myxxx/seminar/app/ confirm_submit.do, FROM=*, FROMPROT=http, PROT=https, HOST= abc.com icm/HTTP/redirect_7 = PREFIX=/myxxx/seminar/app/ thank.do, FROM=*, FROMPROT=http, PROT=https, HOST= abc.com
icm/HTTP/redirect_8 = PREFIX=/, FROM=/b2c_xxx/core*, TO=/ find-none.htm icm/HTTP/redirect_9 = PREFIX=/, FROM=/b2c_xxx/user*, TO=/ find-none.htm icm/HTTP/redirect_10 = PREFIX=/, FROM=/b2c_xxx/data*, TO=/ find-none.htm icm/HTTP/redirect_11 = PREFIX=/survey, FROM=*, FROMPROT=http, PROT=https, HOST= abc.com #icm/HTTP/redirect_11 = PREFIX=/, FROM=/gsearch/app/*, TO=/ gs403.htm #icm/HTTP/redirect_12 = PREFIX=/b2c_xxx/b2c/displayUsername, FROM=*, FROMPROT=http, PROT=http, HOST= abc.com icm/HTTP/redirect_12 = PREFIX=/myxxx/photocontest/app, FROM=*, FROMPROT=http, PROT=https, HOST= abc.com icm/HTTP/redirect_13 = PREFIX=/myxxx/seminar/app, FROM=*, FROMPROT=http, PROT=https, HOST= abc.com icm/HTTP/redirect_14 = PREFIX=/, FROM=*,FOR= store.xxx.com.cn, HOST= abc.com icm/HTTP/redirect_15 = PREFIX=/myxxx/campaign/api/secure/, FROM=*, FROMPROT=http, PROT=https, HOST= abc.com icm/HTTP/redirect_16 = PREFIX=/, FROM=*,FOR= store.xxx.com.cn, HOST= abc.com icm/HTTP/redirect_17 = PREFIX=/myxxx/campaign/api/secure/, FROM=*, FROMPROT=http, PROT=https, HOST= abc.com icm/HTTP/redirect_18 = PREFIX=/compare/app/mobile/ pushInfo.do, FROM=*, TO=/products/comparison/app/mobile/ pushInfo.do, HOST= abc.com icm/HTTP/redirect_20 = PREFIX=/myxxx/lecture/ login.htm, FROM=*, FROMPROT=http, PROT=https, HOST= abc.com icm/HTTP/redirect_21 = PREFIX=/wechat_app/ login.htm, FROM=*, FROMPROT=http, PROT=https, HOST= abc.com icm/HTTP/redirect_22 = PREFIX=/wechat_app/ register.htm, FROM=*, FROMPROT=http, PROT=https, HOST= abc.com

Can you please suggest ?

Thanks in Advance !!

Regards,

Srikanth

error.png (10.9 kB)
0

Hello Srikanth,

If you are using the following parameters:

wdisp/system_conflict_resolution = 1
wdisp/system_0 = SID=EXT, EXTSRV=http://IP.FROM.APACHE, SRCURL=/testservice
wdisp/system_1 = SID=WAS, MSHOST=XXXWAST1, MSPORT=81XX, SRCURL=/

Then the Web Dispatcher would forward all requests to "/testservice<anything>" to the Apache, and everything else to the WAS system.

The issue at the "error.png" is related to the redirect parameters. As the error page states, the browser detected a redirect loop. In other words, you are accessing "https://website.com/something" and this is replying with a redirect to that same address.

Since we cannot see the actual request in the "error.png" file, it would not be possible to identify which redirect parameter is causing the issue.

I analyzed all redirect parameters, and these could be potentially creating the loop (although the first one seems to be commented at the profile that was shared):

#icm/HTTP/redirect_12 = PREFIX=/b2c_xxx/b2c/displayUsername, FROM=*, FROMPROT=http, PROT=http, HOST=abc.com
icm/HTTP/redirect_14 = PREFIX=/, FROM=*,FOR=store.xxx.com.cn, HOST=abc.com
icm/HTTP/redirect_16 = PREFIX=/, FROM=*,FOR=store.xxx.com.cn, HOST=abc.com

You can double check all redirect parameters to identify which one is causing the loop.

Regards,

Isaías

0