Login / Logout after reverse proxy configuration

Bug #1249425 reported by Martin Lafrance on 2013-11-08
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ajenti
Undecided
Unassigned

Bug Description

Your control panel is awesome.... really loving it!!

I installed Ajenti on my test server (Ubuntu 13.04) to toy around a little. I wanted to use of my domain SSL certificate instead of a self-signed one, so I did a reverse proxy on Apache ( based on the configuration here: http://docs.ajenti.org/man/reverse-proxy.html ). Worked fine and have Ajenti running at https://[mydomain.com]/ajenti secured with my own SSL.

Worked fine, but there is one small problem I noticed...

With this configuration, whenever I log in or log out, I'm sent back to [mydomain.com] website main page instead of Ajenti.

ex: https://[mydomain.com]/ajenti -> login -> https://[mydomain.com]/

This is a very minor bug... just slightly annoying ;)

I'm no Python programmer, but I figured quickly that I little hack could easily correct this. Sure enough, I found the culprit in /usr/share/pyshared/ajenti/plugins/main/main.py

I just changed the to 2 following (identical) lines of code:

[line 39 & line 46]
return context.redirect('/')
~ changed to ~
return context.redirect('/ajenti')

I looked around and also found 2 other instances of code redirecting to root path '/' and also made the same changes preemptively:

/usr/share/pyshared/ajenti/plugins/munin/main.py
[line 68]
context.respond_redirect('/')
~ changed to ~
context.respond_redirect('/ajenti')

/usr/share/pyshared/ajenti/plugins/terminal/main.py
[line 112]
context.respond_redirect('/')
~ changed to ~
context.respond_redirect('/ajenti')

et voila... it worked :)

===========

I was wondering if it would be possible to have a more "white labeled" option when reverse proxying Ajenti, ie. be able to use the suffix path we want instead of /ajenti.

ex.: https://[mydomain.com]/panel or https://[mydomain.com]/sysadmin

Not that I don't like /ajenti has a suffix, but the success of Ajenti might translate into bots hammering every [mydomain.com]/ajenti around... I might just be a little paranoid, but "white labeling" the suffix would be a good "equivalence" to changing port number for those (like me) who want to reverse proxy Ajenti.

That is all... Many thanks for your efforts in developing this awesome piece of software. I really appreciate!!

Eugene Pankov (john-pankov) wrote :

I don't have much experience with Apache, but it looks like you need to set up extra ProxyPassReverse directive to rewrite redirects from Ajenti: httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypassreverse

I guess something like

ProxyPassReverse / /ajenti (however I'm not sure about it!)

=======

You can easily change 'ajenti' here

ProxyPass /ajenti http://localhost:8000

to 'panel' or anything as far as I'm concerned with Apache syntax

Changed in ajenti:
status: New → Incomplete
Launchpad Janitor (janitor) wrote :

[Expired for Ajenti because there has been no activity for 60 days.]

Changed in ajenti:
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers