Linux Access Gateway 302 redirects not rewriting Host header details when 'Forward Received Host Name' enabled

  • Document ID:7000173
  • Creation Date:22-Apr-2008
  • Modified Date:26-Apr-2012
    • Micro Focus Products:
      Access Manager (NAM)

Environment

Novell Access Management 3 Linux Access Gateway
Novell Access Management 3 Support Pack 2 applied

Situation

Linux Access Gateway with a path based multihomed (pbmh) resource (e.g.pbmh under mylag proxy service) that accelerates a Web server listening out on non standard port (801). The host header option is setup to forward recieved host header. When the web server, listening on TCP 801, generates a 302 redirect, we see the following:

GET /formfill/phpinfo.php HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/x-shockwave-flash, */*
Accept-Language: en-IE
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
Host: www.mylag.com
Connection: Keep-Alive
Cookie:
WT_FPC=id=83.141.112.214-3121797168.29907192:lv=1201005894625:ss=1201005848343;
__utma=101946013.1373532972.1201005848.1201005848.1201005848.1;
__utmz=101946013.1201005848.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none);
IPCZQX03a36c6c0a=00000100930224953b8b5286c35b870595d023ac

HTTP/1.1 302 Found
Date: Fri, 25 Jan 2008 11:02:49 GMT
Server: Apache/2.2.3 (Linux/SUSE)
Location: http://www.mylag.com:801/sales/phpinfo.php
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
ExtraHdr: 70
Cache-Control: no-store
Cache-Control: no-cache
Via: 1.1 www.mylag.com (Access Gateway 3.0.2-56)

The 'Location: http://www.mylag.com:801/sales/phpinfo.php' should be rewritten
to Location: http://www.mylag.com/sales/phpinfo.php but it's not rewriting the
TCP port correctly. When we change the Host header and explicitly specify the
one we need (www.mylag.com) instead of forwarding the received hostname (which
is also www.mylag.com), it works fine.

Resolution

If you enable the Forward Received Host Name option on your path-based
multi-homing service and your Web server is configured to use a different port,
you need to add the DNS  name with the port to the the Additional DNS Name
List. 

For example, if the public DNS name of the proxy service is www.mylag.com, the
path for the path-based multi-homing service is /sales, and the Web server port
is 801, the following DNS name needs to be added to the Additional DNS Name
List of the /sales service:

http://www.mylag.com:801