5 Replies Latest reply: Apr 29, 2013 2:35 PM by OldGuy RSS

    webgate not intercepting when port defined in WLS

      We have seen an issue -- thinking it is apache related -- that when the client deploys their application on WLS without using a managed server and directly on the AdminServer... then the webgates do not appear to be catching the app request. This is especially true with SSL (port 443) since 443 is often used as the SSL port for AdminServer.

      We have the apache server set up with the following in the httpd.conf file along with the webgate includes:

      <IfModule mod_weblogic.c>
      WebLogicHost <ip address>
      WebLogicPort 7001

      <Location /AppA>
      SetHandler weblogic-handler

      We did not notice this until a client was using 443 as their SSL port for AdminServer. Most clients use the default of 7002 for the AdminServer and then use 443 within their apache or OHS setup. We set the Listen ports to 80 and 443 within the httpd.conf file -- also completed the creation of certs for the webgates to use SSL Ports. If we have the user change their WLS ssl port to 7002, then the webgate catches the request and redirects to the SSO login. Otherwise, the request goes directly to the application with no SSO intervention.

      This concerns us since we thought we had the reverse proxy setup correctly -- which means that other client may have the same issue.

      Is it possible we are characterizing this incorrectly? Is this a reverse proxy issue or just a configuration issue? It appears that whenever the WLS ports are part of the url (SSL and non-SSL) that the webgate is bypassed. If the non-SSL port is the default 7001 and we include the host/port combination in the HostID and then the URL is http://<hostname>:7001/app... the webgate does not get accessed...

      Therefore it is not just SSL ports, but non-SSL as well...