Environment
Novell Access Management 3 Linux Access Gateway
Origin Server DNS name is not the same as the reverse Proxy DNS name
Default rewriter setup
Situation
Accelerated a Web server with the Linux Access Gateway. When
accessing this Web server via the proxy, many of the links that
should appear on the origin Web server are broken.
Resolution
Apply Linux Access Gateway build 70 and upwards (available with IR1
of Novell Access Manager 3)
Additional Information
The Linux Access Gateway (LAG) rewriter component was injecting
strings at the wrong offset in the HTTP stream. Taking LAN traces
on either side of the proxy connection, and comparing the data, one
could see the following (see below) type of string injection in the
stream. The data was being rewriting correctly for the most part
but occasionally, there were strings that are injected randomly as
follows:
eg. the origin server may send back the following to the LAG:
< /ie:menuitem>
http://insite.isa1.rna/_vti_bin/exportwp.aspx?pageurl=http%3A%2F%2Ftest%2Ddev010%3A81%2Fhome%2Easpx&guidstring='+
escape(MenuWebPartID), MenuWebPart.getAttribute('HasPers') =='true')"
type="option">
The LAG sends the following back to the browser ...
< /ie:menuitem>
http://insite.isa1.rna/_vti_bin/exportwp.aspx?pageurl=http%3A%2F%2Ftest%2Ddev010%3A81%2Fhome%2Easpx&guidstring='+
escape(MenuWebPartID), MenuWebPart.getAttribute('HasPers') =='true')"
type="option">
where insite.connect.com is the reverse proxy DNS name and insite.isa1.rna is the DNS name of the origin server. The string has been added randomly overwriting the menuitem tag that was required.
eg. the origin server may send back the following to the LAG:
< /ie:menuitem>
escape(MenuWebPartID), MenuWebPart.getAttribute('HasPers') =='true')"
type="option">
The LAG sends the following back to the browser ...
< /ie:menuitem>
escape(MenuWebPartID), MenuWebPart.getAttribute('HasPers') =='true')"
type="option">
where insite.connect.com is the reverse proxy DNS name and insite.isa1.rna is the DNS name of the origin server. The string has been added randomly overwriting the menuitem tag that was required.