documentation:1.4:internalproxy

Internal Proxy

LemonLDAP::NG provides a proxy that can replace the use of Apache mod_proxy. This proxy use LWP Perl module to relay HTTP request. It can inspect HTTP headers to replace on the fly the Location and Set-Cookie headers.

Main differences with mod_proxy:

  • The whole Location value is replaced, including the scheme (http or https), which can help to manage redirections below SSL hardware equipments
  • It is compliant with the form replay feature

The configuration is done in Apache, in a virtual host.

For example, to proxy https://www.public.com to http://www.private.com:

<VirtualHost>
  ServerName www.public.com
 
  PerlModule Lemonldap::NG::Handler::Proxy
  SetHandler perl-script
  PerlHandler Lemonldap::NG::Handler::Proxy
 
  PerlSetVar LmProxyPass http://www.private.com/
  PerlSetVar LmLocationToReplace http://www.private.com/,https://www.public.com
  PerlSetVar LmCookieDomainToReplace private.com,public.com
</VirtualHost>

Parameters:

  • LmProxyPass: URL to relay HTTP requests
  • LmLocationToReplace: string to replace in Location header
  • LmCookieDomainToReplace: string to replace in Set-Cookie header