Scenario 3: Direct Communication Through a Reverse Proxy

Some Web browsers always communicate with the AS-ABAP through a reverse proxy server (Internet scenario). Other browsers communicate directly with the AS_ABAP (for example, in an organization’s intranet).

Example:

Proxy: www.sap.com (http:80, https:443)

Host: webas.sap.corp (http:1080, https:1443)

HTTPURLLOC

MANDT

SORT_KEY

PROTOCOL

APPL

HOST

PORT

100

020

HTTP

*

WEBAS.SAP.CORP

1080

100

021

HTTPS

*

WEBAS.SAP.CORP

1443

100

030

HTTP

*

WWW.SAP.COM

80

100

031

HTTPS

*

WWW.SAP.COM

443

All applications are synchronized in this table.  If an inbound host header is available, it is used to filter the rows to be used. This is particularly important if the protocol has to be switched, for instance, from HTTP to HTTPS. In this case it is important to know whether you are working in the Internet or in the intranet. If no host header is available (for instance, if an application from the workbench is being tested), the first matching entry is used. In this case the sorting key is important and an intranet URL is created by default.

In these scenarios it is important that the reverse proxy server does not change the host header. It must be forwarded fully transparently from the browser to the server. This is necessary to be able to differentiate between Internet requests and intranet requests. For an Apache reverse proxy (mod_proxy) the configuration option, ProxyPreserveHost, must be active.

Note that this feature is supported by Apache Version 2+ only.

The point is, what happens when more than one application server is active and the request is in the intranet.  With the above table definition, when testing from the workbench the first entry is synchronized (as no host header is available), whereby a URL is generated for the intranet name  (webas.sap.corp). This could be the information for each application server or also for the message server that dispatches the HTTP request. However, debugging and testing Web applications does prove difficult with this procedure. Therefore a technique is needed to specify that the information is evaluated from the local application server when no host header is available. This can be achieved by adding two additional entries with empty host headers to the table. The empty host header is used as the exit criterion from the exception code.

HTTPURLLOC

MANDT

SORT_KEY

PROTOCOL

APPL

HOST

PORT

100

010

HTTP

*

100

011

HTTPS

*

100

020

HTTP

*

WEBAS1.SAP.CORP

1080

100

021

HTTPS

*

WEBAS1.SAP.CORP

1443

100

022

HTTP

*

WEBAS2.SAP.CORP

1080

100

023

HTTPS

*

WEBAS2.SAP.CORP

1443

100

030

HTTP

*

WWW.SAP.COM

80

100

031

HTTPS

*

WWW.SAP.COM

443

When no host header is available the first entry is synchronized.  In this case the host header is empty there which means that the information about the local AS-ABAP is to be used. If a host header is available, there are two options: Either all the names must be listed in the table so that no entry matches,  or there are no entries (020 to 029) available in the table. Then the information about the local AS-ABAP is used for the URL generation.