on 07-14-2017 11:38 AM
Hi Experts,
We have a SAP Web dispatcher installed in our landscape and a Web AS system as its backend. Our backend systems is initially configured with the below parameters :
rdisp/mshost = XXXWAST1
ms/http_port = 81XX
Now we have an External Apache server installed and we need to forward the requests coming on https://abc.com/testservice to http://<Apache IP Addr>/testservice
So I have made the below the parameter changes :
#rdisp/mshost = XXXWAST1
#ms/http_port = 81XX
Hashed out above 2 parameters.
Inserted below 3 parameters :
1. wdisp/system_conflict_resolution = 1
2. wdisp/system_0 = SID=EXT, EXTSRV=<Apache IP Addr>, SRCSRV=abc.com:80;abc.com:443, SRCURL=/testservice
3. wdisp/system_1 = SID=WAS, MSHOST=XXXWAST1, MSPORT=81XX, SRCURL=/
And ports are configured as below :
#-------------- # SAP Web Dispatcher(SWD) Ports #----------------------
icm/server_port_0 = PROT=HTTP,PORT=80,EXTBIND=1,HOST=SWD,TIMEOUT=10,PROCTIMEOUT=300
icm/server_port_1 = PROT=HTTPS,PORT=443,EXTBIND=1,HOST=SWD,TIMEOUT=10,PROCTIMEOUT=300
--> But still it doesn't seem to be working, SSL is configured only on our Web Dispatcher and PROT is maintained to HTTPS in the parameter icm/server_port_1 instead of ROUTER, but still no luck.
-> Also if we see the requirement the forwarding has to be done from https://abc.com/testservice to http://<Apache IP Addr>/testservice, but the parameter wdisp/system_0 has the provision to mention SRCURL=/testservice but no such provision as EXTURL where the internal URL prefixes can also be mentioned !! Is there any other way to achieve this ??
Thanks in Advance !!
Hello Srikanth,
Can you please be more specific on how the parameter wdisp/system_0 is being defined?
I mean, what is being added to the EXTSRV argument?
You would need to put something like "EXTSRV=http://hostname.from.apache".
If the Apache is not listening on the default HTTP port (80), then you need to specify the port too.
For example, if the port is 8000:
EXTSRV=http://hostname.from.apache:8000
Regards,
Isaías
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Srikanth,
So, the complete parameter looks like this?
wdisp/system_0 = SID=EXT, EXTSRV=http://IP.FROM.APACHE, SRCSRV=XXXX.YYYY.com:80;XXXX.YYYY.com:443, SRCURL=/
Where "XXXX.YYYY.com" would be the Web Dispatcher hostname.
Regards
Isaías
Hello Isaias,
I have maintained the parameter in the same way but XXXX.YYYY.com is not maintained as the hostname of the webdiptcher but it is actually maintained as abc.com i.e.
1. wdisp/system_conflict_resolution = 1
2. wdisp/system_0 = SID=EXT, EXTSRV=http://IP.FROM.APACHE, SRCSRV= abc.com:80; abc.com:443, SRCURL=/testservice
3. wdisp/system_1 = SID=WAS, MSHOST=XXXWAST1, MSPORT=81XX, SRCURL=/
This is not forwarding the request as desired, later I tried removing SRCSRV leaving it to default as below :
wdisp/system_conflict_resolution = 1
wdisp/system_0 = SID=EXT, EXTSRV=http://IP.FROM.APACHE, SRCURL=/testservice
wdisp/system_1 = SID=WAS, MSHOST=XXXWAST1, MSPORT=81XX, SRCURL=/
But this time it gives below error :
Attaching the complete profile parameters, can you please suggest :
SAPSYSTEMNAME = SID
SAPSYSTEM = XX
INSTANCE_NAME = WXX
DIR_CT_RUN = $(DIR_EXE_ROOT)/run
DIR_EXECUTABLE = $(DIR_CT_RUN)
#----------------------------------------------------------------------- # Accesssability of Message Server #----------------------------------------------------------------------- #rdisp/mshost = XXXWAST1 #ms/http_port = 81XX #----------------------------------------------------------------------- # Configuration for medium scenario #----------------------------------------------------------------------- icm/max_conn = 16384
icm/max_sockets = 32768
wdisp/HTTP/max_pooled_con = 1000
wdisp/HTTPS/max_pooled_con = 1000
icm/req_queue_len = 8000
icm/min_threads = 100
icm/max_threads = 350
mpi/total_size_MB = 700
mpi/max_pipes = 20500
wdisp/HTTP/use_pool_for_new_conn = 1
icm/listen_queue_len = 1024
#icm/conn_timeout = 10000
#ssl/server_cache_size = 25000
#ssl/server_cache_lifetime = 1800
###Undocumented Parameters########################
icm/ssl_block_timeout = 30 icm/conn_local = FALSE
#---------------------------------------------------------------------- #CR1193 e-Solver Increase Web Dispatcher SSL cache #---------------------------------------------------------------------- ssl/server_cache_size = 25000 ssl/server_cache_lifetime = 1800 #---------------------------------------------------------------------- #Web Content Caching #--------------------------------------------------------------icm/HTTP/server_cache_0/expiration=14400 icm/HTTP/server_cache_1/expiration=14400 icm/HTTP/server_cache_2/expiration=14400 icm/HTTP/server_cache_3/expiration=14400 icm/HTTP/server_cache_4/expiration=14400 icm/HTTP/server_cache_5/expiration=14400 icm/HTTP/server_cache_6/expiration=14400 icm/HTTP/server_cache_7/expiration=14400 icm/HTTP/server_cache_8/expiration=14400 icm/HTTP/server_cache_9/expiration=14400
icm/HTTP/server_cache_0 = PREFIX=/sshf/images/,CACHEDIR=/webcache/sshf
icm/HTTP/server_cache_1 = PREFIX=/b2c_xxx/b2c/productRegistration/images/,CACHEDIR=/webcache/prg icm/HTTP/server_cache_2 = PREFIX=/b2c_xxx/b2c/productRegistration/js/,CACHEDIR=/webcache/prg/js icm/HTTP/server_cache_3 = PREFIX=/b2c_xxx/b2c/productRegistration/css/,CACHEDIR=/webcache/prg/css icm/HTTP/server_cache_4 = PREFIX=/b2c_xxx/b2c/productRegistration/flash/,CACHEDIR=/webcache/prg/flash icm/HTTP/server_cache_5 = PREFIX=/crm/productreg/,CACHEDIR=/webcache/crm
icm/HTTP/server_cache_6 = PREFIX=/products/store/images/,CACHEDIR=/webcache/products icm/HTTP/server_cache_7 = PREFIX=/b2c_xxx/b2c/js/,CACHEDIR=/webcache/b2c
icm/HTTP/server_cache_8 = PREFIX=/ps-web/js/,CACHEDIR=/webcache/psweb
icm/HTTP/server_cache_9 = PREFIX=/products/store/utf8/,CACHEDIR=/webcache/products/header
#--------------------------------------------------------------------- #Trace logging #---------------------------------------------------------------- rdisp/TRACE_LOGGING = on, 200 m
#rdisp/TRACE = 3
#rdisp/TRACE_PATTERN_0 = "sl23_get"
#rdisp/TRACE_PATTERN_1 = "NO_SSL" #rdisp/TRACE_PATTERN_2 = "BAD_NI"
#rdisp/TRACE_PATTERN_3 = "BlockedThreads"
#---------------------------------------------------------------------- # Error Handling #-------------------------------------------------------------#is/HTTP/show_detailed_errors = FALSE
#icm/HTTP/error_templ_path =/usr/sap/SID/WXX/data/icmerror
#----------------------------------------------------------------- #ICM administration #-------------------------------------------------------------icm/HTTP/admin_0 = PREFIX=/sap/admin,DOCROOT=/sapmnt/SID/profile/admin,AUTHFILE=/sapmnt/SID/profile/admin/icmauth.txt #CLIENTHOST=10.100.2.129
#----------------------------------------------------------------------- # Configuration for http access log(add source ip detect) #--------icm/HTTP/logging_0 = PREFIX=/, LOGFILE=access_log-%y-%m-%d, SWITCHTF=day, LOGFORMAT=%{X-Forwarded-For}i %h %l %u %t "%r" %s %b %L
icm/HTTP/logging_client_0 = PREFIX=/, LOGFILE=client_access_log-%y-%m-%d, SWITCHTF=day
#----------------------------------------------------------------------- # SAP Web Dispatcher Ports #-------------------------------------------- icm/server_port_0 = PROT=HTTP,PORT=80,EXTBIND=1,HOST=SID,TIMEOUT=10,PROCTIMEOUT=300 icm/server_port_1 = PROT=HTTPS,PORT=443,EXTBIND=1,HOST=SID,TIMEOUT=10,PROCTIMEOUT=300 icm/server_port_2 = PROT=HTTP,PORT=9000,TIMEOUT=10,PROCTIMEOUT=300
#------------------------- # Added for HTTPS #------------------------- #
DIR_INSTANCE=/usr/sap/SID/secudir
ssl/ssl_lib=/usr/sap/SID/secudir/libsapcrypto.so
ssl/server_pse=/usr/sap/SID/secudir/WDP_DP1.pse
ssl/client_pse=/usr/sap/SID/secudir/WDP_DP1.pse
#ssl/server_pse=/usr/sap/SID/secudir/WDP_SID.pse
#ssl/client_pse=/usr/sap/SID/secudir/WDP_SID.pse
wdisp/ssl_encrypt=0
wdisp/add_client_protocol_header=true
icm/HTTPS/verify_client = 0
#ssl/ciphersuites=135:HIGH
ssl/ciphersuites=135:PFS:HIGH:TLS_FALLBACK_SCSV:!e3DES
ssl/client_ciphersuites=144:HIGH
#------------------------- # URL Filter #-------------------------
#wdisp/permission_table = /sapmnt/SID/profile/ptabfile,
wdisp/system_conflict_resolution = 1
wdisp/system_0 = SID=EXT, EXTSRV=http://<Apache.Ip.Addr>, SRCURL=/testservice
wdisp/system_1 = SID=WAS, MSHOST=XXXWAST1, MSPORT=81XX, SRCURL=/
#------------------------- # HTTP Redirect #------------------------- #
#icm/HTTP/redirect_0 = PREFIX=/, FROM=*, FOR=<SID of Web Disp>, HOST=abc.com
#icm/HTTP/redirect_1 = PREFIX=/, FROM=*, FOR=XXX.XXX.XXX.XXX, HOST=abc.com
# # HTTP to HTTPS
icm/HTTP/redirect_0 = PREFIX=/products/vaio/app/backend, FROM=*, FROMPROT=http, PROT=https, HOST=abc.com icm/HTTP/redirect_1 = PREFIX=/b2c_xxx, FROM=*, FROMPROT=http, PROT=https, HOST=abc.com icm/HTTP/redirect_2 = PREFIX=/dws, FROM=*, FROMPROT=http, PROT=https, HOST=abc.com icm/HTTP/redirect_3 = PREFIX=/, FROM=/b2c_xxx/admin*, TO=/find-none.htm icm/HTTP/redirect_4 = PREFIX=/myxxx/seminar/app/member_login.do, FROM=*, FROMPROT=http, PROT=https, HOST=abc.com icm/HTTP/redirect_5 = PREFIX=/myxxx/seminar/app/login.do, FROM=*, FROMPROT=http, PROT=https, HOST=abc.com icm/HTTP/redirect_6 = PREFIX=/myxxx/seminar/app/confirm_submit.do, FROM=*, FROMPROT=http, PROT=https, HOST=abc.com icm/HTTP/redirect_7 = PREFIX=/myxxx/seminar/app/thank.do, FROM=*, FROMPROT=http, PROT=https, HOST=abc.comCan you please suggest ?
Thanks in Advance !!
Regards,
Srikanth
Hello Srikanth,
If you are using the following parameters:
wdisp/system_conflict_resolution = 1
wdisp/system_0 = SID=EXT, EXTSRV=http://IP.FROM.APACHE, SRCURL=/testservice
wdisp/system_1 = SID=WAS, MSHOST=XXXWAST1, MSPORT=81XX, SRCURL=/
Then the Web Dispatcher would forward all requests to "/testservice<anything>" to the Apache, and everything else to the WAS system.
The issue at the "error.png" is related to the redirect parameters. As the error page states, the browser detected a redirect loop. In other words, you are accessing "https://website.com/something" and this is replying with a redirect to that same address.
Since we cannot see the actual request in the "error.png" file, it would not be possible to identify which redirect parameter is causing the issue.
I analyzed all redirect parameters, and these could be potentially creating the loop (although the first one seems to be commented at the profile that was shared):
#icm/HTTP/redirect_12 = PREFIX=/b2c_xxx/b2c/displayUsername, FROM=*, FROMPROT=http, PROT=http, HOST=abc.com
icm/HTTP/redirect_14 = PREFIX=/, FROM=*,FOR=store.xxx.com.cn, HOST=abc.com
icm/HTTP/redirect_16 = PREFIX=/, FROM=*,FOR=store.xxx.com.cn, HOST=abc.com
You can double check all redirect parameters to identify which one is causing the loop.
Regards,
Isaías
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.