Apache Reverse Proxy configuration for Outlook Web Access Filed Under: Apache
Introduction
This tutorial is a continuation of the tutorial explaining the configuration of a reverse proxy with Apache. In this tutorial I will concentrate in the configuration of the reverse proxy to make it work with Microsoft Outlook Web Access (OWA).
The first section of the tutorial will concentrate in just the configuration of the reverse proxy to make it work with just OWA 2k and 2k3. The second part of the tutorial will show the configuration of the reverse proxy to make it work with both OWA 2k and OWA for exchange 5.5. I know it may look a bit silly having both exchange OWA running but it may be good for whenever you are migrating from one service to the other.
Configuration of Reverse Proxy with OWA 2k and 2k3.
If you want to use Apache 1.3 with OWA 2k or 2k3 you need to add the following steps to make the reverse proxy work. This steps are just for Apache 1.3 because Apache 2.0 now has new directives that will make the reverse proxy work without this modifications.
First of all you need to add the following module to Apache mod_proxy_add_forward and add the following line in the add_forward_header method.
ap_table_set(r->headers_in, "front-end-https", "on");
You can also download the file with the modification from here -> mod_proxy_add_forward.c
To compile and install the module execute the following command.
apxs -c -i mod_proxy_add_forward.c
-c is used to compile the module and -i is used to install the module.
Once the module is installed you will need to add and load the module by putting the followin line on the httpd.conf file:
LoadModule proxy_add_forward_module modules/mod_proxy_add_forward.so
AddModule mod_proxy_add_forward.c
To make the proxy redirections work will need configure the proxy server as follows:
ProxyPass https://owa.server.com/exchange https://FQDN/exchange
ProxyPassReverse https://owa.server.com/exchange https://FQDN/exchange
ProxyPass https://owa.server.com/exchgweb https://FQDN/exchweb
ProxyPassReverse https://owa.server.com/exchgweb https://FQDN/exchweb
Where FQDN is the actual name you are going to use to connect to the server from the internet. We will need to add this name into /etc/hosts so we can resolve the name to the IP address of the OWA server.
Configuration of Reverse Proxy with OWA for exchange 5.5 and OWA 2k3.
We will follow the same steps we did on the configuration of the Reverse Proxy with OWA 2k3 but we will need to have the following lines in the httpd.conf to make both work.
The lines needed to make work OWA 2k3 are:
RewriteEngine on
RewriteLog logs/rewrite_log
RewriteLogLevel 3
ProxyRequests off
ProxyPass /mail https://FQDN/exchange/
ProxyPassReverse /mail https://FQDN/exchange/
ProxyPass /exchange/ https://FQDN/exchange/
ProxyPassReverse /exchange/ https://FQDN/exchange/
ProxyPass /exchweb/ https://FQDN/exchweb/
ProxyPassReverse /exchweb/ https://FQDN/exchweb/
ProxyPass /public/ https://FQDN/public/
ProxyPassReverse /public/ https://FQDN/public/
ProxyPass /iisadmpwd/ https://FQDN/iisadmpwd/
ProxyPassReverse /iisadmpwd/ https://FQDN/iisadmpwd/
RewriteRule ^/mail(.*/Inbox/.*) https://FQDN/exchange/$1 [P]
RewriteRule ^/mail(.*/Drafts/.*) https://FQDN/exchange/$1 [P]
Well if you have notice the first line of the ProxyRequest translates the standard exchange path to a mail path. This is done just so we can access both the 5.5 and the 2k3 at the same time.
The RewriteRule lines are lines similar in the process of the ProxyPass and ProxyReverse lines except that rather than specifying the location of the page RewriteRules can look for specific text on the address and then modify the address accordingly by using regular expressions. In the case of both line they will look for any address starting with mail then some characters (I will explain now what is the text on those characters) then will find either the folder Inbox or Draft and then some characters. At the end will translate the line from /mail to exchange and attach at the end what it was between the parenthesis in the position of $1.
For those who will want to know what those character say is the first set of characters is the name of the users inbox (normally the name and surname) the second set of characters are the asp command to access what you requested. So for example the application may request the page https://FQDN/mail/alberto.diaz/Inbox/aspcommands at this point the reverse proxy will find the string /mail/alberto.diaz/Inbox/aspcommand to be a match and will translate the address to https://FQDN/exchange/alberto.diaz/Inbox/aspcommand.
For those who may be wondering what is the [P]. This will make the Apache server to treat the request as a proxy request and pass it through the proxy module.
The lines needed to make work OWA 5.5 are:
ProxyPass /exchange/logon.asp http://exchg55server/exchange/logon.asp
ProxyPassReverse /exchange/logon.asp http://exchg55server/exchange/logon.asp
ProxyPass /exchange/logoff.asp http://exchg55server/exchange/logoff.asp
ProxyPassReverse /exchange/logoff.asp http://exchg55server/exchange/logoff.asp
ProxyPass /exchange/root.asp http://exchg55server/exchange/root.asp
ProxyPassReverse /exchange/root.asp http://exchg55server/exchange/root.asp
ProxyPass /exchange/LogonFrm.asp http://exchg55server/exchange/LogonFrm.asp
ProxyPassReverse /exchange/LogonFrm.asp http://exchg55server/exchange/LogonFrm.asp
ProxyPass /exchange/images/ http://exchg55server/exchange/images/
ProxyPassReverse /exchange/images/ http://exchg55server/exchange/images/
ProxyPass /exchange/inbox/ http://exchg55server/exchange/inbox/
ProxyPassReverse /exchange/inbox/ http://exchg55server/exchange/inbox/
ProxyPass /exchange/forms/ http://exchg55server/exchange/forms/
ProxyPassReverse /exchange/forms/ http://exchg55server/exchange/forms/
ProxyPass /exchange/movcpy/ http://exchg55server/exchange/movcpy/
ProxyPassReverse /exchange/movcpy/ http://exchg55server/exchange/movcpy/
ProxyPass /exchange/finduser/ http://exchg55server/exchange/finduser/
ProxyPassReverse /exchange/finduser/ http://exchg55server/exchange/finduser/
ProxyPass /exchange/options/ http://exchg55server/exchange/options/
ProxyPassReverse /exchange/options/ http://exchg55server/exchange/options/
ProxyPass /exchange/Navbar/ http://exchg55server/exchange/Navbar/
ProxyPassReverse /exchange/Navbar/ http://exchg55server/exchange/Navbar/
ProxyPass /exchange/help/ http://exchg55server/exchange/help/
ProxyPassReverse /exchange/help/ http://exchg55server/exchange/help/
ProxyPass /exchange/contacts/ http://exchg55server/exchange/contacts/
ProxyPassReverse /exchange/contacts/ http://exchg55server/exchange/contacts/
ProxyPass /exchange/calendar/ http://exchg55server/exchange/calendar/
ProxyPassReverse /exchange/contacts http://exchg55server/exchange/calendar/
ProxyPass /exchange/Attach/ http://exchg55server/exchange/Attach/
ProxyPassReverse /exchange/Attach/ http://exchg55server/exchange/Attach/
References
Apache mod_proxy documentation
Apache mod_rewrite documentation
ApacheWeek tutorial on reverse proxies with Apache
- Permalink
- Alberto Diaz
- 3 Jan 2007 9:02 AM
- Comments (0)