[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
THREDDS and Apache ProxyPass
This archive contains answers to questions sent to Unidata support through mid-2025. Note that the archive is no longer being updated. We provide the archive for reference; many of the answers presented here remain technically correct, even if somewhat outdated. For the most up-to-date information on the use of NSF Unidata software and data services, please consult the Software Documentation first.
- Subject: THREDDS and Apache ProxyPass
- Date: Thu, 21 Jun 2007 11:44:04 -0700
I have not seen this come up in the THREDDS discussion or documentation, and I
was scratching my head for a while today to get it to work right, so here's a
tech note for consideration in the THREDDS documentation:
THREDDS and Apache ProxyPass
If you are using Tomcat on port 8080 (for example) and Apache on the default
port 80, you can use the Apache proxy module to hide the Tomcat port in the
URLs used to connect to THREDDS. This may be critical if your server is behind
a firewall that only allows port 80 access. It is also important if THREDDS is
running on a machine that is completely behind a firewall, but you have a
server running Apache that can talk to the machine.
You will need to edit the Apache httpd.conf file (on Linux, it is stored in
/etc/httpd/conf/).
Find the lines that start with "<IfModule mod_proxy.c>" and end with
"</IfModule>". These lines may need to be uncommented. Between these lines,
make sure the following line exists and is uncommented:
ProxyRequests On
Then add the following lines:
ProxyPreserveHost On
<Location /thredds>
ProxyPass http://myhost.mydomain:8080/thredds
ProxyPassReverse http://myhost.mydomain:8080/thredds
</Location>
<Proxy http://myhost.mydomain:8080/thredds>
AllowOverride None
Order allow,deny
Allow from All
</Proxy>
You of course need to replace "http://myhost.mydomain:8080/thredds"; with the
full URL of the THREDDS web application.
The section between <Proxy... And </Proxy> can usually be omitted, but in some
cases a server is sufficiently locked down that you need to explicitly allow
access to resources. It can also be edited to restrict access to registered
users via Apache authentication mechanisms.
Finally, on the server command line (as a super/admin user), execute:
apachectl graceful
In my configuration, I initially failed to add the line "ProxyPreserveHost On",
which caused me many headaches as links generated by THREDDS kept directing the
client back to port 8080 (which was blocked by a firewall).
Best of luck,
Mike
_____________________________________________
Michael A. Godin
Software Engineer
Monterey Bay Aquarium Research Institute
http://www.mbari.org
===============================================================================
To unsubscribe thredds, visit:
http://www.unidata.ucar.edu/mailing-list-delete-form.html
===============================================================================
- Follow-Ups:
- Re: THREDDS and Apache ProxyPass
- From: Ethan Davis
- Re: THREDDS and Apache ProxyPass
- Prev by Date: Re: announce: TDS stable release 3.16
- Next by Date: Re: announce: TDS stable release 3.16
- Previous by thread: announce: TDS stable release 3.16
- Next by thread: Re: THREDDS and Apache ProxyPass
- Index(es):