Having probem with Helicon APE RewriteProxy

[joekathan Profile]

HI

I am preforming an evaluation of Helicon APE. I am having a problem with RewriteProxy. It is not forwarding to the URL constructed - Fiddler showsnothing at all leaving the box - RewriteProxy throws back a 404 to the application that initiated the call. The resulting URL in the rewrite log is correct - if I hit it directly I do not get a 404. Any helpappreciated...info from the logs and scripts follow.

Thanks

Joe

-----------Logs and Scripts----------

I am using APE 3.1.0.256 according the help/about in Helicon APE Manager. I've also done "RewriteRule . – [F]" in .htaccess to see if APE was set up correctly - that returns a 403.

My script for .htaccess is:

DBDriver mssql
DBDParams "Data Source=ONESTS-174;Initial Catalog=PRO_ADMIN;Trusted_Connection=Yes;"
DBDPrepareSQL "select RTRIM(STSURL) from CONFIG.HostedURLMap where OSAURL=@KEY" osa_map_select

RewriteEngine On
RewriteMap map_dbd dbd:osa_map_select
RewriteCond ${map_dbd:$1|NOT_FOUND} (.*)
RewriteCond %1 !NOT_FOUND
RewriteProxy (.+) https://%{HTTP_HOST}%1

# there is no change if I put [L] on the RewriteProxy line, or change it to RewriteRule with [L} or [LP].

In httpd.conf I have:

RewriteLog E:/HLTHPNT/APErewrite.log
RewriteLogLevel 9
Loglevel debug
ErrorLog E:/HLTHPNT/APEerror.log
ProxyRequests ON

APE error log shows:

[2017-03-12 19:59:57.868] [LicenseManager] Server mode: Trial days left 44. (SiteId= 2)
[2017-03-12 19:59:57.899] [mod_core_context:2] (debug) [/SecureTokenService/EMR153/IdP] ConfigFactory.LoadHtaccess: c:\inetpub\allscripts\mdrx.pro.security\.htaccess
[2017-03-12 19:59:57.978] [proxy:2] (debug) [/SecureTokenService/EMR153/IdP] request to https://onests-174:16100/15.3/SecureTok ... EMR153/IdP

APE rewrite log shows:

10.133.9.27 10.133.9.27 [12/Mar/2017:19:03:57] [onests-174/sid#2][rid#5822459/initial] (1) [perdir c:\inetpub\allscripts\mdrx.pro.security\] init rewrite engine with /SecureTokenService/EMR153/IdP
10.133.9.27 10.133.9.27 [12/Mar/2017:19:03:57] [onests-174/sid#2][rid#5822459/initial] (5) [perdir c:\inetpub\allscripts\mdrx.pro.security\] strip matching prefix: /SecureTokenService/EMR153/IdP -> SecureTokenService/EMR153/IdP
10.133.9.27 10.133.9.27 [12/Mar/2017:19:03:57] [onests-174/sid#2][rid#5822459/initial] (7) [perdir c:\inetpub\allscripts\mdrx.pro.security\] Result of ExecuteReader(): /15.3/SecureTokenService/EMR153/IdP
10.133.9.27 10.133.9.27 [12/Mar/2017:19:03:57] [onests-174/sid#2][rid#5822459/initial] (4) [perdir c:\inetpub\allscripts\mdrx.pro.security\] RewriteCond: input='/15.3/SecureTokenService/EMR153/IdP' pattern='(.*)' => matched
10.133.9.27 10.133.9.27 [12/Mar/2017:19:03:57] [onests-174/sid#2][rid#5822459/initial] (4) [perdir c:\inetpub\allscripts\mdrx.pro.security\] RewriteCond: input='/15.3/SecureTokenService/EMR153/IdP' pattern='!NOT_FOUND' => matched
10.133.9.27 10.133.9.27 [12/Mar/2017:19:03:57] [onests-174/sid#2][rid#5822459/initial] (1) [perdir c:\inetpub\allscripts\mdrx.pro.security\] go-ahead with proxy request https://onests-174:16100/15.3/SecureTok ... EMR153/IdP [OK]
10.133.9.27 10.133.9.27 [12/Mar/2017:19:03:57] [onests-174/sid#2][rid#5822459/initial] (3) [perdir c:\inetpub\allscripts\mdrx.pro.security\] applying pattern '(.+)' to uri 'SecureTokenService/EMR153/IdP' -> 'https://onests-174:16100/15.3/SecureTokenService/EMR153/IdP'

IIS logs shows:

2017-03-12 23:59:57 10.133.8.152 POST /SecureTokenService/EMR153/IdP.apehandler - 16100 - 10.133.9.27 - - 404 0 0 1062

[joekathan Profile]

Additional info:

The app pool involved is set to allow 32 bit, is using .NET 4.0, and is set to Integrated mode.

[joekathan Profile]

Additional information:

The incoming feed is a POST to a WCF endpoint. This endpoint does not accept GET, PUT, or DELETE. Could the problem be that the RewriteProxy is doing a GET and thus cannot find anything? If so, how do you make the RewviteProxy do a POST?

[Yaroslav]

Hello.

1. Please try to do a simple test whether the proxy is working. Same as you did with "RewriteRule . – [F]" rule, just proxy something to another site that is certainly available. There are too many possible variables in your explanation, so simpler test could help to eliminate some of them.

2. Proxy usually sends requests with the same method that has come from client. If client is requesting POST, then the proxied request will come as POST.

3. I noticed your destination is HTTPS. Make sure certificate is working and it is not self-signed certificate, so no dialogs will pop-up in the browser if you navigate this URL.

4. Make sure the STSURL field in your database contains trailing slash, because your rule supposes the trailing slash is there.

[joekathan Profile]

I changed the script to:
RewriteEngine On
RewriteProxy (.+) https://ONESTS-174:16100/SecureTokenService/EMR153/IdP/

and then to:

RewriteEngine On
RewriteProxy (.+) https://ONESTS-153:16100/SecureTokenService/EMR153/IdP/

Both sites are up, working, etc. The results of the proxy, however, were the same - 404. The logs and everything look the same as well.

With regard to the certificate, while it is self signed, there are no popups if you navigate to the URL in Postman. IS there a setting, perhaps, like Postman has that blocks if a self signed cert is detected? If so, how do you turn that off?

Note I am timeboxed on getting this to work, and if I don't get it to work today we will have to look at another vendro's offering.

Thanks for the help.

Joe

[joekathan Profile]

I've gotten it to work.

The issue was the the original URL did not map to a file/page directly, but was like a WebAPI URL in that it has some parameters in the URL. Once I made a dummy file for the original, things immediately started working.