/ Zope / Apsis / Pound Mailing List / Archive / 2009 / 2009-12 / What should I do to avoid loops?

[ << ] [ >> ]

[ Can't read BIO_f_base64 / "(private) ... ] [ Re: [Pound Mailing List] undefined reference to ... ]

What should I do to avoid loops?
Guillaume Memore <licks0repound(at)hotmail.com>		 2009-12-16 12:48:25 [ FULL ] 
Hello pound people!

First message and pretty newbie with pound at the moment and I have a quick
question. Been reading the mailing already, but can't find a solution to my
problem.

Here's the thing :

I have 2 ways of connecting an internal web server. One is the "normal" was,
the other one is the "https" way.
So I declared everythihng need for the certificate, etc.

When I contact http://cla.ch, it goes to http://internal.cla.ch
When I contact https://cla.ch, it goes to https://internal.cla.ch

The thing is I'd like that requests coming to http://www.cla.ch go to httpS://www.cla.ch

In one word, anthing asking for *.cla.ch*  to be redirected to https://www.cla.ch.

The thing is when I try to do that, my browser says there's a loop.

My config looks like that :

# Start pound as User with Group
User  "pound"
Group "pound"

ListenHTTP
    Address 192.168.1.12
    Port    80

End
        Service
        Redirect : "https://something.cla.ch"
        End
End


ListenHTTPS
        Address 192.168.1.12
        Port    443
        HeadRemove "X-SSL-.*"
        HeadRemove "X-Client-Verify.*"
        Cert    "/etc/ssl/certs/cla.pem"
End
        Service
        HeadRequire "Host: .*something.cla.ch.*"
        BackEnd
        Address internal.cla.ch
        Port    80
        End
    Session
      Type IP
      TTL  300
End

End


When I do that, my browser says there's a loop and nor the http nor the https
proxying are working :-/

I'll be more than happy to have some hints, examples or where to look advices!

Thanks a lot in advance,
Guillaume




 		 	   		  [...]
Attachments:  
text.html text/html 2892 Bytes
Re: [Pound Mailing List] What should I do to avoid loops?
Albert <pound(at)alacra.com>		 2009-12-16 13:52:59 [ FULL ] 
You need to put the redirect service inside the ListenHTTP, like below:



# Start pound as User with Group
User  "pound"
Group "pound"

ListenHTTP
    Address 192.168.1.12
    Port    80
    Service
        Redirect : "https://something.cla.ch"
        End
    End
End


ListenHTTPS
        Address 192.168.1.12
        Port    443
        HeadRemove "X-SSL-.*"
        HeadRemove "X-Client-Verify.*"
        Cert    "/etc/ssl/certs/cla.pem"
End
        Service
        HeadRequire "Host: .*something.cla.ch.*"
        BackEnd
        Address internal.cla.ch
        Port    80
        End
    Session
      Type IP
      TTL  300
End

End



Guillaume Memore wrote:[...]
RE: [Pound Mailing List] What should I do to avoid loops?
Guillaume Memore <licks0repound(at)hotmail.com>		 2009-12-16 14:16:09 [ FULL ] 
I feel stupid.... :-)

Thanks a lot, fixed the problem I've been fighting since this morning!
Think I'll learn a lot on this mailing on the pound usage. I saw some quite
complex setups while googling "pound", but the general usage of the product is
charming and works really well!

Cheers & happy end of year,
Guillaume
[...]
 		 	   		  [...]
Attachments:  
text.html text/html 5110 Bytes
MailBoxer