Proxy dpa:8123 via apache httpd with context-path

Question

Redhat Linux 7, DPA 12.0 (haven't gone to 12.1 yet), Apache httpd 2.4.x (that comes w/RHEL7)

I'd like to access DPA via apache httpd rather than directly to the tomcat app running on 8123.

Now: https://mymonitor.domain.com:8123/iwc

Would like: https://mymonitor.domain.com/iwc

I think this works if I just do "Proxypass /iwc https://mymonitor.domain.com:8123/iwc"

Or I could use "http://localhost:8125/iwc" as the target of the Proxypass instead and get away from the whole keystore/cert business.

In any case, just thought I'd ask if this was how most folks are using this, or if it's some other mechanism.

I don't/can't put DPA directly onto 443 by changing the Connector port, since I already have 443 being used by httpd for other stuff.  And I'd like to have all my "monitoring stuff" at a single location

Thanks,

PH

pthirose · Answer

TLDR: Seems to work ok.  Haven't run into any problems so far

Details:
DPA running http on 8125.  Apache httpd 2.2 running on 443.  Added ProxyPass /iwc http://localhost:8125/iwc to httpd.conf file.  Also had to change om.confio.iwc.emailLinks.urlOverride= in my .../iwc/tomcat/ignite_config/idc/system.properties file (as per instructions on "DPA email overrides" at Success Center  ).  to just be https://mymonitor.mydomain.com/iwc so clicking on email links work.

Now can use various Apache httpd modules and directives (ie: CustomLog, Allow from) to better control what's what, rather than fussing directly with tomcat xml files.

Caveat, probably not *officially* supported, so as always: ymmv.

PH

bmrad · Answer

Hi, you can see how to disable the 8123 port here:  Success Center: Turn off HTTP traffic in DPA (Port 8123)

If 443 is already being used, I don't know how you'd accomplish what you are trying to do.