Score:0

Can not access Tomcat servlet using httpd ajp proxy in Docker

cn flag

Docker, httpd and tomcat is new to me.

What I want to do: Access tomcat servlet through httpd ajp reverse proxy.

I am making two containers under same bridge network, one runs httpd, another tomcat.

Problem: I can not access tomcat through httpd. Httpd returns 403 error. I can access through port 8080 if I expose it to the host. I have read many articles but do not understand what I am doing wrong. Current configuration should work according to my understanding but surely I am missing something.

Screenshot of error page

Kindly give me pointers what am I doing wrong.

My configurations and dockerfiles Please see the Git repository here. I run the container by first creating image and run by following

# Start web container
docker run -dit --name httpd.container -p 80:80 --network extope-network httpd-101-image
# Start AP container
docker run -dit --name tomcat.container -p 8080:8080 --network extope-network --add-host=host.docker.internal:host-gateway tomcat-101-image
in flag
The 403 error comes from tomcat, not httpd. Your httpd is working fine.
Mirza Prangon avatar
cn flag
Why would tomcat return 403 when accessed via httpd? As accessing by 8080 port works fine.
Gerard H. Pille avatar
in flag
@GeraldSchneider, you may be mistaken, with the current configuration.
Score:0
in flag

Remove the quotes from the secret in your httpd config.

ProxyPass "/docs" "ajp://tomcat.container:8009/docs" secret=test_ajp_secret
ProxyPass "/manager/" "ajp://tomcat.container:8009/manager/" secret=test_ajp_secret

Afterwards it works.

Mirza Prangon avatar
cn flag
This actually solved my problem! The documents can be more clear in this regards saying to not to use double quotes.
Score:0
in flag

Your server.xml redirects traffic to port 8443, but,

  1. doesn't handle that port (the handler is commented out)
  2. the container doesn't accept traffic for that port.

In the httpd.conf I see "Include conf/httpd_extope.conf", but there is no httpd_extope.conf. The http_proxy.conf tries to contact the container on port 8009, for which the above two remarks are also valid.

Mirza Prangon avatar
cn flag
Thank you, I tried removing redirect port line on ajp connector, but the problem persists. By the way, in the connector configuration for 8080 port, there is also a line for redirection to same 8443 port, but i am able to access through 8080 port. Why is that?
Gerard H. Pille avatar
in flag
Port 8080 is handled correctly. See another problem you have above.
Mirza Prangon avatar
cn flag
Sorry i changed the file names before sharing. The file names are correct in my environment. I will fix that
Gerard H. Pille avatar
in flag
That doesn't change the problem with port 8009.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.