sockets - exploiting HTTP HOST header based redirection in apache reverse proxy for intranet resource -
i'm looking suggestion on poc i'm doing. i'm trying solve utilize case in user accesses intranet websites corporate mobile app when not on corporate network (and not want connect vpn on mobile). want create intranet website available him through apache reverse proxy using multihomed server concept in host header read , reverse proxy pass(forward) request value nowadays in host header. grab here these sites not on same proxy on different webservers having different internal ip 192.x.x.1, 192.x.x.2 etc.
in poc java app( replaced mobile app 1 time concepts works) opens https socket reverse proxy( having public ip , dns entry) , intranet site address e.g. x.mycomp.com user requested set in host header. after http request sent reverse proxy through https socket created above.
the problem
1) if create http socket in place of https above im able redirect website having entry in host header field, failing in case utilize https socket , bad request (400). assume ( , right also) here ssl connection terminating @ proxy can read header value.
2) wanted check if approach not workable ot workable have issues can not foresee.
thanks.
apache sockets ssl reverse-proxy
No comments:
Post a Comment