[Geoserver-users] Geoserver virtual host

Hi list,

Due to some comments on a service we provide of one of our customers I have to change the url http://mygeoserver.mydomain.com/geoserver/CUSTOMER/wms in order to substitute/remove the words "geoserver" (no comments), let's say something like http://customer.mydomain.com/wms . Needless to say that I won't change all my DNS's and so on ..

So I need to know if it's possible to achieve this and how to Maybe somebody could point me what steps do I have to follow. I've been searching on the web and the solutions have to do with Tomcat and something called Virtual Hosts... Any ideas?

Thanks in advance!!

Regards,

Agur bero bat,

David Alda Fernández de Lezea
Área de Sistemas de Información Geográfica, Planificación Territorial y Forestal Informazio Geografikoen Sistemak, Lurralde eta Baso Antolaketaren Arloa.
dalda@anonymised.com | www.hazi.eus
T 945 003 240 - M 627 923 170 - F 945 003 290
Hazi | Granja Modelo de Arkaute s/n | 01192 Arkaute - Araba

********************* LEGE OHARRA ******************* AVISOLEGAL ******************* DISCLAIMER *****************************
Mezu hau pertsonala eta isilpekoa da eta baimenik gabeko erabilera debekatua dago legalki. Jasotzailea ez bazara ezabatu mezua, bidali eta kontserbatu gabe.
Este mensaje es personal y confidencial y su uso no autorizado está prohibido legalmente. Si usted no es el destinatario, proceda a borrarlo, sin reenviarlo ni conservarlo.
This message is personal and confidential, unauthorised use is legally prohibited. If you are not the intended recipient, delete it without resending or backing it.

I sometimes rename geoserver.war to ROOT.war before deploying to Tomcat. This might do the trick for you.

/julian

-----Original Message-----
From: David Alda Fernandez de Lezea [mailto:dalda@anonymised.com]
Sent: 14. januar 2016 12:29
To: GeoServer Users <geoserver-users@lists.sourceforge.net>
Subject: [Geoserver-users] Geoserver virtual host

Hi list,

Due to some comments on a service we provide of one of our customers I have to change the url http://mygeoserver.mydomain.com/geoserver/CUSTOMER/wms in order to substitute/remove the words "geoserver" (no comments), let's say something like http://customer.mydomain.com/wms . Needless to say that I won't change all my DNS's and so on ..

So I need to know if it's possible to achieve this and how to Maybe somebody could point me what steps do I have to follow. I've been searching on the web and the solutions have to do with Tomcat and something called Virtual Hosts... Any ideas?

Thanks in advance!!

Regards,

Agur bero bat,

David Alda Fernández de Lezea
Área de Sistemas de Información Geográfica, Planificación Territorial y Forestal Informazio Geografikoen Sistemak, Lurralde eta Baso Antolaketaren Arloa.
dalda@anonymised.com | www.hazi.eus
T 945 003 240 - M 627 923 170 - F 945 003 290 Hazi | Granja Modelo de Arkaute s/n | 01192 Arkaute - Araba

********************* LEGE OHARRA ******************* AVISOLEGAL ******************* DISCLAIMER ***************************** Mezu hau pertsonala eta isilpekoa da eta baimenik gabeko erabilera debekatua dago legalki. Jasotzailea ez bazara ezabatu mezua, bidali eta kontserbatu gabe.
Este mensaje es personal y confidencial y su uso no autorizado está prohibido legalmente. Si usted no es el destinatario, proceda a borrarlo, sin reenviarlo ni conservarlo.
This message is personal and confidential, unauthorised use is legally prohibited. If you are not the intended recipient, delete it without resending or backing it.

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

David,

what is your hosting platform?

For Apache in front of Tomcat, I would:

- Add a DNS CNAME entry customer.mydomain.com
pointing to mygeoserver.mydomain.com

- Add an Apache VirtualHost:80 configuration for customer.mydomain.com with ProxyPass for / to Tomcat; details depend on whether you are using AJP <ajp://localhost:8009/geoserver> or HTTP proxy <http://localhost:8080/geoserver&gt;, and you also need to set ProxyPassReverse

- Set the GeoServer proxy base URL to http://customer.mydomain.com/wms

Kind regards,
Ben.

On 15/01/16 00:29, David Alda Fernandez de Lezea wrote:

Hi list,

Due to some comments on a service we provide of one of our customers I have to change the url http://mygeoserver.mydomain.com/geoserver/CUSTOMER/wms in order to substitute/remove the words "geoserver" (no comments), let's say something like http://customer.mydomain.com/wms . Needless to say that I won't change all my DNS's and so on ..

So I need to know if it's possible to achieve this and how to Maybe somebody could point me what steps do I have to follow. I've been searching on the web and the solutions have to do with Tomcat and something called Virtual Hosts... Any ideas?

Thanks in advance!!

Regards,

Agur bero bat,

David Alda Fernández de Lezea
Área de Sistemas de Información Geográfica, Planificación Territorial y Forestal Informazio Geografikoen Sistemak, Lurralde eta Baso Antolaketaren Arloa.
dalda@anonymised.com | www.hazi.eus
T 945 003 240 - M 627 923 170 - F 945 003 290
Hazi | Granja Modelo de Arkaute s/n | 01192 Arkaute - Araba

********************* LEGE OHARRA ******************* AVISOLEGAL ******************* DISCLAIMER *****************************
Mezu hau pertsonala eta isilpekoa da eta baimenik gabeko erabilera debekatua dago legalki. Jasotzailea ez bazara ezabatu mezua, bidali eta kontserbatu gabe.
Este mensaje es personal y confidencial y su uso no autorizado está prohibido legalmente. Si usted no es el destinatario, proceda a borrarlo, sin reenviarlo ni conservarlo.
This message is personal and confidential, unauthorised use is legally prohibited. If you are not the intended recipient, delete it without resending or backing it.

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

--
Ben Caradoc-Davies <ben@anonymised.com>
Director
Transient Software Limited <http://transient.nz/&gt;
New Zealand

Oops, should be:

- Set the GeoServer proxy base URL to http://customer.mydomain.com/

On 15/01/16 11:26, Ben Caradoc-Davies wrote:

- Set the GeoServer proxy base URL tohttp://customer.mydomain.com/wms

--
Ben Caradoc-Davies <ben@anonymised.com>
Director
Transient Software Limited <http://transient.nz/&gt;
New Zealand

Hi Julian,

I don't know if I've understood you right.

I already have my app deployed and I don't want to change anything that affects to other customers or projects that are in the same GeoServer instance. I only have one GeoServer instance for all of our projects and customers.

Thanks for your comments.

Regards,

David Alda Fernández de Lezea
Área de Sistemas de Información Geográfica, Planificación Territorial y Forestal Informazio Geografikoen Sistemak, Lurralde eta Baso Antolaketaren Arloa.
dalda@anonymised.com | www.hazi.eus
T 945 003 240 - M 627 923 170 - F 945 003 290
Hazi | Granja Modelo de Arkaute s/n | 01192 Arkaute - Araba

********************* LEGE OHARRA ******************* AVISOLEGAL ******************* DISCLAIMER *****************************
Mezu hau pertsonala eta isilpekoa da eta baimenik gabeko erabilera debekatua dago legalki. Jasotzailea ez bazara ezabatu mezua, bidali eta kontserbatu gabe.
Este mensaje es personal y confidencial y su uso no autorizado está prohibido legalmente. Si usted no es el destinatario, proceda a borrarlo, sin reenviarlo ni conservarlo.
This message is personal and confidential, unauthorised use is legally prohibited. If you are not the intended recipient, delete it without resending or backing it.

-----Mensaje original-----
De: Julian Hollingbery [mailto:julian@anonymised.com]
Enviado el: jueves, 14 de enero de 2016 14:59
Para: David Alda Fernandez de Lezea; GeoServer Users
Asunto: RE: Geoserver virtual host

I sometimes rename geoserver.war to ROOT.war before deploying to Tomcat. This might do the trick for you.

/julian

-----Original Message-----
From: David Alda Fernandez de Lezea [mailto:dalda@anonymised.com]
Sent: 14. januar 2016 12:29
To: GeoServer Users <geoserver-users@lists.sourceforge.net>
Subject: [Geoserver-users] Geoserver virtual host

Hi list,

Due to some comments on a service we provide of one of our customers I have to change the url http://mygeoserver.mydomain.com/geoserver/CUSTOMER/wms in order to substitute/remove the words "geoserver" (no comments), let's say something like http://customer.mydomain.com/wms . Needless to say that I won't change all my DNS's and so on ..

So I need to know if it's possible to achieve this and how to Maybe somebody could point me what steps do I have to follow. I've been searching on the web and the solutions have to do with Tomcat and something called Virtual Hosts... Any ideas?

Thanks in advance!!

Regards,

Agur bero bat,

David Alda Fernández de Lezea
Área de Sistemas de Información Geográfica, Planificación Territorial y Forestal Informazio Geografikoen Sistemak, Lurralde eta Baso Antolaketaren Arloa.
dalda@anonymised.com | www.hazi.eus
T 945 003 240 - M 627 923 170 - F 945 003 290 Hazi | Granja Modelo de Arkaute s/n | 01192 Arkaute - Araba

********************* LEGE OHARRA ******************* AVISOLEGAL ******************* DISCLAIMER ***************************** Mezu hau pertsonala eta isilpekoa da eta baimenik gabeko erabilera debekatua dago legalki. Jasotzailea ez bazara ezabatu mezua, bidali eta kontserbatu gabe.
Este mensaje es personal y confidencial y su uso no autorizado está prohibido legalmente. Si usted no es el destinatario, proceda a borrarlo, sin reenviarlo ni conservarlo.
This message is personal and confidential, unauthorised use is legally prohibited. If you are not the intended recipient, delete it without resending or backing it.

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Hi Ben,

Thanks for your response.

I'm on Windows 2012 R2 over Tomcat 7.

The thing is that we host different projects (private workspaces and some other customer's workspaces) so changing something globally could lead to changes in other projects and apps. This is something I absolutely want to avoid. Changing the GeoServer's proxy would affect to everything inside it, wouldn't it?

I understand the first step. The second step I suppose there maybe something similar in Tomcat, but the third step is what I don't see or understand.

Thanks for your comments.

Regards,

Agur bero bat,

David Alda Fernández de Lezea
Área de Sistemas de Información Geográfica, Planificación Territorial y Forestal Informazio Geografikoen Sistemak, Lurralde eta Baso Antolaketaren Arloa.
dalda@...6818... | www.hazi.eus
T 945 003 240 – M 627 923 170 – F 945 003 290
Hazi | Granja Modelo de Arkaute s/n | 01192 Arkaute – Araba

********************* LEGE OHARRA ******************* AVISOLEGAL ******************* DISCLAIMER *****************************
Mezu hau pertsonala eta isilpekoa da eta baimenik gabeko erabilera debekatua dago legalki. Jasotzailea ez bazara ezabatu mezua, bidali eta kontserbatu gabe.
Este mensaje es personal y confidencial y su uso no autorizado está prohibido legalmente. Si usted no es el destinatario, proceda a borrarlo, sin reenviarlo ni conservarlo.
This message is personal and confidential, unauthorised use is legally prohibited. If you are not the intended recipient, delete it without resending or backing it.

-----Mensaje original-----
De: Ben Caradoc-Davies [mailto:ben@…6881…]
Enviado el: jueves, 14 de enero de 2016 23:44
Para: David Alda Fernandez de Lezea; GeoServer Users
Asunto: Re: [Geoserver-users] Geoserver virtual host

Oops, should be:

- Set the GeoServer proxy base URL to http://customer.mydomain.com/

On 15/01/16 11:26, Ben Caradoc-Davies wrote:

- Set the GeoServer proxy base URL tohttp://customer.mydomain.com/wms

--
Ben Caradoc-Davies <ben@...6881...>
Director
Transient Software Limited <http://transient.nz/&gt; New Zealand

David,

changing the proxy URL changes URLs generated by GeoServer, so may not be appropriate when you have multiple tenants in a single GeoServer.

Not changing the proxy URL will cause client applications that discover resources via (for example) GetCapabilities and WFS DescribeFeatureType to see these resources as being on a different host. This may cause problems with JavaScript cross-origin rules, depending on use-cases and the behaviour of a client application.

For example, the schemaLocation URL in a WFS response will likely have the same host and context path for all tenants, regardless of DNS. All server URLs in GetCapabilities response will likewise have the same host and context path.

WMS clients that are configured with a WMS service URL and make only GetMap and GetFeatureInfo requests (not driven by the Capabilities document) should work perfectly without setting the proxy base URL. Even better, put each tenant in their own workspace, with their own VirtualHost, then even GetCapabilities should work as expected with a VirtualHost for some WMS use-cases (not layer groups that span workspaces?). See:
http://docs.geoserver.org/latest/en/user/services/virtual-services.html

Kind regards,
Ben.

On 15/01/16 20:26, David Alda Fernandez de Lezea wrote:

Changing the GeoServer's proxy would affect to everything inside it, wouldn't it?

--
Ben Caradoc-Davies <ben@anonymised.com>
Director
Transient Software Limited <http://transient.nz/&gt;
New Zealand

Simone,

Let me see if I got this right..

I have my current URL with a registered domain http://mydomain.com/geoserver/ows and my current proxy is just the same URL http://mydomain.com/geoserver

We mostly use GeoServer in customized Web Apps and consuming the data with QGIS as well.

If I change the proxy URL to http://newdomain.com/whatever :

  1- Would the old URL's (http://mydomain.com/geoserver/ows) referenced in many web apps still work? Yes?

  2- Would I be able to connect to the old and new URL's with QGIS? Yes?

It's just one customer's request but it affects everybody and everything and I don't want to make a wrong move. On the other hand I still have to check the Apache/Tomcat configuration as in many articles I've seen that people tend to solve this by using VirtualHosts.

Thanks for your help.

Regards,

Agur bero bat,

David Alda Fernández de Lezea
Área de Sistemas de Información Geográfica, Planificación Territorial y Forestal Informazio Geografikoen Sistemak, Lurralde eta Baso Antolaketaren Arloa.
dalda@...6818... | www.hazi.eus
T 945 003 240 – M 627 923 170 – F 945 003 290
Hazi | Granja Modelo de Arkaute s/n | 01192 Arkaute – Araba

********************* LEGE OHARRA ******************* AVISOLEGAL ******************* DISCLAIMER *****************************
Mezu hau pertsonala eta isilpekoa da eta baimenik gabeko erabilera debekatua dago legalki. Jasotzailea ez bazara ezabatu mezua, bidali eta kontserbatu gabe.
Este mensaje es personal y confidencial y su uso no autorizado está prohibido legalmente. Si usted no es el destinatario, proceda a borrarlo, sin reenviarlo ni conservarlo.
This message is personal and confidential, unauthorised use is legally prohibited. If you are not the intended recipient, delete it without resending or backing it.

-----Mensaje original-----
De: Ben Caradoc-Davies [mailto:ben@…6881…]
Enviado el: viernes, 15 de enero de 2016 21:14
Para: David Alda Fernandez de Lezea; GeoServer Users
Asunto: Re: [Geoserver-users] Geoserver virtual host

David,

changing the proxy URL changes URLs generated by GeoServer, so may not be appropriate when you have multiple tenants in a single GeoServer.

Not changing the proxy URL will cause client applications that discover resources via (for example) GetCapabilities and WFS DescribeFeatureType to see these resources as being on a different host. This may cause problems with JavaScript cross-origin rules, depending on use-cases and the behaviour of a client application.

For example, the schemaLocation URL in a WFS response will likely have the same host and context path for all tenants, regardless of DNS. All server URLs in GetCapabilities response will likewise have the same host and context path.

WMS clients that are configured with a WMS service URL and make only GetMap and GetFeatureInfo requests (not driven by the Capabilities
document) should work perfectly without setting the proxy base URL. Even better, put each tenant in their own workspace, with their own VirtualHost, then even GetCapabilities should work as expected with a VirtualHost for some WMS use-cases (not layer groups that span workspaces?). See:
http://docs.geoserver.org/latest/en/user/services/virtual-services.html

Kind regards,
Ben.

On 15/01/16 20:26, David Alda Fernandez de Lezea wrote:

Changing the GeoServer's proxy would affect to everything inside it, wouldn't it?

--
Ben Caradoc-Davies <ben@...6881...>
Director
Transient Software Limited <http://transient.nz/&gt; New Zealand

David,

the global proxy base URL affects all returned URLs generated by GeoServer so changing it will change the behaviour of any client that uses URLs in responses to discover resources. I think QGIS is a data-driven client and will be affected. A global change will affect all workspaces.

From your original email, it looks like you have one workspace per customer, so workspace-specific proxy base URLs combined with VirtualHosts may be the solution to your problem.

In addition to the global proxy base URL, GeoServer allows an administrator to override the proxy base URL for each workspace. You need to check the settings box in the workspace configuration page and scroll to near the bottom to change the proxy base URL for this workspace. This change will affect only this workspace and only requests made through the workspace-specific service URL. Your VirtualHost proxy configuration needs to match you workspace-specific proxy base URL.

A workspace-specific proxy base URL will not get you to:
http://customer.mydomain.com/wms

but it should allow you to change:
http://mygeoserver.mydomain.com/geoserver/CUSTOMER/wms

to:
http://customer.mydomain.com/CUSTOMER/wms

where CUSTOMER is your GeoServer workspace == namespace-prefix for this customer.

Consider this example in which I compare (1) the original GeoServer response and (2) the response after I change the proxy base URL for the topp workspace to <http://example.org/&gt;\.

Each request uses the workspace-specific WFS service URL. I then show a URL from the response to see how they change. I use WFS because I know it best, but WMS should work the same.

For a WFS GetFeature response for topp:states:
http://localhost:8080/geoserver/topp/wfs?service=WFS&version=2.0.0&request=GetFeature&typenames=topp:states&count=1

The DescribeFeatureType link in the schemaLocation:

(1) http://localhost:8080/geoserver/topp/wfs?service=WFS&version=2.0.0&request=DescribeFeatureType&typeName=topp%3Astates

(2) http://example.org/topp/wfs?service=WFS&version=2.0.0&request=DescribeFeatureType&typeName=topp%3Astates

For a WFS GetCapabilities response:
http://localhost:8080/geoserver/topp/wfs?service=WFS&version=2.0.0&request=GetCapabilities

The Operation service URLs:

(1) <ows:Get xlink:href="http://localhost:8080/geoserver/topp/wfs&quot;/&gt;

(2) <ows:Get xlink:href="http://example.org/topp/wfs&quot;/&gt;

In each case, changing the workspace-specific proxy base URL for the topp workspace to <http://example.org/&gt; changed returned URLs to start with <http://example.org/topp/&gt; instead of <http://localhost:8080/geoserver/topp/&gt;\.

Now just add an example.org VirtualHost:80 proxy to map <http://example.org/&gt; to <http://localhost:8080/geoserver/&gt; and you should be done:

ProxyPass / http://localhost:8080/geoserver/
ProxyPassReverse / http://localhost:8080/geoserver/

If you want stricter isolation and do not want other customers' data visible through <http://example.org/OTHERCUSTOMER&gt; by accident, you can proxy <http://example.org/topp/&gt; to <http://localhost:8080/geoserver/topp/&gt;, but, because GeoServer will still encode links to global schema resources such as
<http://localhost:8080/geoserver/schemas/gml/3.2.1/gml.xsd&gt; as <http://example.org/schemas/gml/3.2.1/gml.xsd&gt; which will miss your first proxy, you should add a second proxy for <http://example.org/schemas/&gt; to <http://localhost:8080/geoserver/schemas/&gt; . There may be other paths you need to proxy.

Kind regards,
Ben.

On 19/01/16 04:33, David Alda Fernandez de Lezea wrote:

Simone,

Let me see if I got this right..

I have my current URL with a registered domain http://mydomain.com/geoserver/ows and my current proxy is just the same URL http://mydomain.com/geoserver

We mostly use GeoServer in customized Web Apps and consuming the data with QGIS as well.

If I change the proxy URL to http://newdomain.com/whatever :

  1- Would the old URL's (http://mydomain.com/geoserver/ows) referenced in many web apps still work? Yes?

  2- Would I be able to connect to the old and new URL's with QGIS? Yes?

It's just one customer's request but it affects everybody and everything and I don't want to make a wrong move. On the other hand I still have to check the Apache/Tomcat configuration as in many articles I've seen that people tend to solve this by using VirtualHosts.

Thanks for your help.

Regards,

Agur bero bat,

David Alda Fernández de Lezea
Área de Sistemas de Información Geográfica, Planificación Territorial y Forestal Informazio Geografikoen Sistemak, Lurralde eta Baso Antolaketaren Arloa.
dalda@anonymised.com | www.hazi.eus
T 945 003 240 – M 627 923 170 – F 945 003 290
Hazi | Granja Modelo de Arkaute s/n | 01192 Arkaute – Araba

********************* LEGE OHARRA ******************* AVISOLEGAL ******************* DISCLAIMER *****************************
Mezu hau pertsonala eta isilpekoa da eta baimenik gabeko erabilera debekatua dago legalki. Jasotzailea ez bazara ezabatu mezua, bidali eta kontserbatu gabe.
Este mensaje es personal y confidencial y su uso no autorizado está prohibido legalmente. Si usted no es el destinatario, proceda a borrarlo, sin reenviarlo ni conservarlo.
This message is personal and confidential, unauthorised use is legally prohibited. If you are not the intended recipient, delete it without resending or backing it.

-----Mensaje original-----
De: Ben Caradoc-Davies [mailto:ben@anonymised.com]
Enviado el: viernes, 15 de enero de 2016 21:14
Para: David Alda Fernandez de Lezea; GeoServer Users
Asunto: Re: [Geoserver-users] Geoserver virtual host

David,

changing the proxy URL changes URLs generated by GeoServer, so may not be appropriate when you have multiple tenants in a single GeoServer.

Not changing the proxy URL will cause client applications that discover resources via (for example) GetCapabilities and WFS DescribeFeatureType to see these resources as being on a different host. This may cause problems with JavaScript cross-origin rules, depending on use-cases and the behaviour of a client application.

For example, the schemaLocation URL in a WFS response will likely have the same host and context path for all tenants, regardless of DNS. All server URLs in GetCapabilities response will likewise have the same host and context path.

WMS clients that are configured with a WMS service URL and make only GetMap and GetFeatureInfo requests (not driven by the Capabilities
document) should work perfectly without setting the proxy base URL. Even better, put each tenant in their own workspace, with their own VirtualHost, then even GetCapabilities should work as expected with a VirtualHost for some WMS use-cases (not layer groups that span workspaces?). See:
http://docs.geoserver.org/latest/en/user/services/virtual-services.html

Kind regards,
Ben.

On 15/01/16 20:26, David Alda Fernandez de Lezea wrote:

Changing the GeoServer's proxy would affect to everything inside it, wouldn't it?

--
Ben Caradoc-Davies <ben@anonymised.com>
Director
Transient Software Limited <http://transient.nz/&gt; New Zealand

--
Ben Caradoc-Davies <ben@anonymised.com>
Director
Transient Software Limited <http://transient.nz/&gt;
New Zealand

Ben,

Thanks for clarifying this issue. I also think that's the best choice in my case. I'll contact with our IT department to tell them about the VirutalHosts.

Thanks!

Regards,

Agur bero bat,

David Alda Fernández de Lezea
Área de Sistemas de Información Geográfica, Planificación Territorial y Forestal Informazio Geografikoen Sistemak, Lurralde eta Baso Antolaketaren Arloa.
dalda@...6818... | www.hazi.eus
T 945 003 240 – M 627 923 170 – F 945 003 290
Hazi | Granja Modelo de Arkaute s/n | 01192 Arkaute – Araba

********************* LEGE OHARRA ******************* AVISOLEGAL ******************* DISCLAIMER *****************************
Mezu hau pertsonala eta isilpekoa da eta baimenik gabeko erabilera debekatua dago legalki. Jasotzailea ez bazara ezabatu mezua, bidali eta kontserbatu gabe.
Este mensaje es personal y confidencial y su uso no autorizado está prohibido legalmente. Si usted no es el destinatario, proceda a borrarlo, sin reenviarlo ni conservarlo.
This message is personal and confidential, unauthorised use is legally prohibited. If you are not the intended recipient, delete it without resending or backing it.

-----Mensaje original-----
De: Ben Caradoc-Davies [mailto:ben@…6881…]
Enviado el: lunes, 18 de enero de 2016 20:37
Para: David Alda Fernandez de Lezea; GeoServer Users
Asunto: Re: [Geoserver-users] Geoserver virtual host

David,

the global proxy base URL affects all returned URLs generated by GeoServer so changing it will change the behaviour of any client that uses URLs in responses to discover resources. I think QGIS is a data-driven client and will be affected. A global change will affect all workspaces.

From your original email, it looks like you have one workspace per customer, so workspace-specific proxy base URLs combined with VirtualHosts may be the solution to your problem.

In addition to the global proxy base URL, GeoServer allows an administrator to override the proxy base URL for each workspace. You need to check the settings box in the workspace configuration page and scroll to near the bottom to change the proxy base URL for this workspace. This change will affect only this workspace and only requests made through the workspace-specific service URL. Your VirtualHost proxy configuration needs to match you workspace-specific proxy base URL.

A workspace-specific proxy base URL will not get you to:
http://customer.mydomain.com/wms

but it should allow you to change:
http://mygeoserver.mydomain.com/geoserver/CUSTOMER/wms

to:
http://customer.mydomain.com/CUSTOMER/wms

where CUSTOMER is your GeoServer workspace == namespace-prefix for this customer.

Consider this example in which I compare (1) the original GeoServer response and (2) the response after I change the proxy base URL for the topp workspace to <http://example.org/&gt;\.

Each request uses the workspace-specific WFS service URL. I then show a URL from the response to see how they change. I use WFS because I know it best, but WMS should work the same.

For a WFS GetFeature response for topp:states:
http://localhost:8080/geoserver/topp/wfs?service=WFS&version=2.0.0&request=GetFeature&typenames=topp:states&count=1

The DescribeFeatureType link in the schemaLocation:

(1)
http://localhost:8080/geoserver/topp/wfs?service=WFS&version=2.0.0&request=DescribeFeatureType&typeName=topp%3Astates

(2)
http://example.org/topp/wfs?service=WFS&version=2.0.0&request=DescribeFeatureType&typeName=topp%3Astates

For a WFS GetCapabilities response:
http://localhost:8080/geoserver/topp/wfs?service=WFS&version=2.0.0&request=GetCapabilities

The Operation service URLs:

(1) <ows:Get xlink:href="http://localhost:8080/geoserver/topp/wfs&quot;/&gt;

(2) <ows:Get xlink:href="http://example.org/topp/wfs&quot;/&gt;

In each case, changing the workspace-specific proxy base URL for the topp workspace to <http://example.org/&gt; changed returned URLs to start with <http://example.org/topp/&gt; instead of <http://localhost:8080/geoserver/topp/&gt;\.

Now just add an example.org VirtualHost:80 proxy to map <http://example.org/&gt; to <http://localhost:8080/geoserver/&gt; and you should be done:

ProxyPass / http://localhost:8080/geoserver/ ProxyPassReverse / http://localhost:8080/geoserver/

If you want stricter isolation and do not want other customers' data visible through <http://example.org/OTHERCUSTOMER&gt; by accident, you can proxy <http://example.org/topp/&gt; to <http://localhost:8080/geoserver/topp/&gt;, but, because GeoServer will still encode links to global schema resources such as <http://localhost:8080/geoserver/schemas/gml/3.2.1/gml.xsd&gt; as <http://example.org/schemas/gml/3.2.1/gml.xsd&gt; which will miss your first proxy, you should add a second proxy for <http://example.org/schemas/&gt; to <http://localhost:8080/geoserver/schemas/&gt; . There may be other paths you need to proxy.

Kind regards,
Ben.

On 19/01/16 04:33, David Alda Fernandez de Lezea wrote:

Simone,

Let me see if I got this right..

I have my current URL with a registered domain
http://mydomain.com/geoserver/ows and my current proxy is just the
same URL http://mydomain.com/geoserver

We mostly use GeoServer in customized Web Apps and consuming the data with QGIS as well.

If I change the proxy URL to http://newdomain.com/whatever :

  1- Would the old URL's (http://mydomain.com/geoserver/ows) referenced in many web apps still work? Yes?

  2- Would I be able to connect to the old and new URL's with QGIS? Yes?

It's just one customer's request but it affects everybody and everything and I don't want to make a wrong move. On the other hand I still have to check the Apache/Tomcat configuration as in many articles I've seen that people tend to solve this by using VirtualHosts.

Thanks for your help.

Regards,

Agur bero bat,

David Alda Fernández de Lezea
Área de Sistemas de Información Geográfica, Planificación Territorial y Forestal Informazio Geografikoen Sistemak, Lurralde eta Baso Antolaketaren Arloa.
dalda@...6818... | www.hazi.eus
T 945 003 240 – M 627 923 170 – F 945 003 290 Hazi | Granja Modelo de
Arkaute s/n | 01192 Arkaute – Araba

********************* LEGE OHARRA ******************* AVISOLEGAL ******************* DISCLAIMER *****************************
Mezu hau pertsonala eta isilpekoa da eta baimenik gabeko erabilera debekatua dago legalki. Jasotzailea ez bazara ezabatu mezua, bidali eta kontserbatu gabe.
Este mensaje es personal y confidencial y su uso no autorizado está prohibido legalmente. Si usted no es el destinatario, proceda a borrarlo, sin reenviarlo ni conservarlo.
This message is personal and confidential, unauthorised use is legally prohibited. If you are not the intended recipient, delete it without resending or backing it.

-----Mensaje original-----
De: Ben Caradoc-Davies [mailto:ben@…6881…] Enviado el: viernes,
15 de enero de 2016 21:14
Para: David Alda Fernandez de Lezea; GeoServer Users
Asunto: Re: [Geoserver-users] Geoserver virtual host

David,

changing the proxy URL changes URLs generated by GeoServer, so may not be appropriate when you have multiple tenants in a single GeoServer.

Not changing the proxy URL will cause client applications that discover resources via (for example) GetCapabilities and WFS DescribeFeatureType to see these resources as being on a different host. This may cause problems with JavaScript cross-origin rules, depending on use-cases and the behaviour of a client application.

For example, the schemaLocation URL in a WFS response will likely have the same host and context path for all tenants, regardless of DNS. All server URLs in GetCapabilities response will likewise have the same host and context path.

WMS clients that are configured with a WMS service URL and make only
GetMap and GetFeatureInfo requests (not driven by the Capabilities
document) should work perfectly without setting the proxy base URL. Even better, put each tenant in their own workspace, with their own VirtualHost, then even GetCapabilities should work as expected with a VirtualHost for some WMS use-cases (not layer groups that span workspaces?). See:
http://docs.geoserver.org/latest/en/user/services/virtual-services.htm
l

Kind regards,
Ben.

On 15/01/16 20:26, David Alda Fernandez de Lezea wrote:

Changing the GeoServer's proxy would affect to everything inside it, wouldn't it?

--
Ben Caradoc-Davies <ben@...6881...>
Director
Transient Software Limited <http://transient.nz/&gt; New Zealand

--
Ben Caradoc-Davies <ben@...6881...>
Director
Transient Software Limited <http://transient.nz/&gt; New Zealand