Make my server see an outside ip as local

A page on my server using httpS calls an outside ip so you get a warning..

         

kmax

4:42 pm on Aug 19, 2004 (gmt 0)

10+ Year Member



Hello All,

A webpage on my server uses httpS://

On this page there is a java applet that calls an outside ip address..

So the user gets a warning that part of the data is not secure...

I am trying to use Mod_Rewrite to make my server see this outside ip as local or something....

Anyone know of a better way to do this?

I can't seem to get this to work with Mod_Rewrite..

Thanks

jdMorgan

5:24 pm on Aug 19, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



mod_rewrite won't do what you need, since it will have to generate an external redirect to access the foreign server. This will then trigger the warning message.

All I can give you is a general pointer that you can use Apache mod_proxy [httpd.apache.org] to map the foreign server into your server's URL-space, and this *may* solve the warning problem. See the ProxyPass directive.

Be sure to limit access to the proxied server very tightly -- You don't want to open a security hole in your secure server functions.

Jim

kmax

5:36 pm on Aug 19, 2004 (gmt 0)

10+ Year Member



:) I was coming here to post when I saw that you had just posted... thanks.

I was going to say.. that I think mod_proxy is the way... :)

I am reading about proxy_pass.. but this stuff can take tons of time!

To implement this... do you just make a .htaccess file in the root dir with the info in it?

Like...

ProxyPass /outside ip/ [mydomain.com...]

Thanks again!

jdMorgan

5:45 pm on Aug 19, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



> do you just make a .htaccess file in the root dir

No, as stated in the documentation, ProxyPass is available in server configuration and virtual host contexts only, so the code needs to go into httpd.conf. If you don't have access to httpd.conf, contact your hosting provider. If they won't help, then you'll likely have to change hosting levels or hosting services if this is important to your site.

I've never used mod_proxy myself, so we are both working from "the book" here. Maybe someone else will stop in who can be of more help, but in the meantime, studying the available documentation and maybe doing a few searches of the Apache site and the Web will be helpful. If there is a forum for the secure script you're using, that might be a good place to check, too.

Jim

gergoe

6:14 pm on Aug 19, 2004 (gmt 0)

10+ Year Member



You either need to use the ProxyPass directive [httpd.apache.org] (as mentioned by jdMorgan) in the httpd.conf, or try the RewriteRule directive [httpd.apache.org] with the Proxy flag defined, that should work if the mod_proxy module is enabled in the server config.

The use of both of these ways is that you can map the context of a remote server into your local directory structure, for example if you have www.yourdomain.com and you want www.otherdomain.com to be mapped to the www.yourdomain.com/otherdomain path. In this case, for the www.yourdomain.com/otherdomain/index.html request, Apache will fetch the www.otherdomain.com/index.html page from the remote webserver and send the response for the original request as if it were a local file.

So I think you are on the right track here.

kmax

6:29 pm on Aug 19, 2004 (gmt 0)

10+ Year Member



Thanks... well I just added this to my httpd.conf:

ProxyPass [mydomain.com...] [555.555.555.555...]

Then in the applet code I changed the codebase from:

From:
CODEBASE=\"http://555.555.555/\"

To:
CODEBASE=\"https://www.mydomain.com/cotaproxy/\"

No dice.... does not work...
and the applet cannot find the class file it needs.

I did not think it would be that easy :)

With the ip in the applet it works fine..
But you get the security warning saying that part of it is coming from another server...

Anyone got any tips?

gergoe

8:30 pm on Aug 19, 2004 (gmt 0)

10+ Year Member



Put

ProxyPass /cotaproxy/ http://555.555.555.555/

into the VirtualHost container of the (ssl encrypted) www.mydomain.com domain.

The syntax of the ProxyPass directive is:

ProxyPass <path> <remote_url>

...where the <path> should be a path, which takes effect in the current scope, for example if you put it into a VirtualHost, then it will take effect in that VirtualHost only. If you don't have VirtualHosts defined, then just drop it into the httpd.conf in the same way as noted above.
See the ProxyPass syntax [httpd.apache.org] in the Apache manual.

john_k

8:38 pm on Aug 19, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



> ...part of the data is not secure...

It means that the primary page is loaded via HTTPS, but that page is referencing one or more resources via HTTP. The specific host and domain name are immaterial.

kmax

2:29 am on Aug 20, 2004 (gmt 0)

10+ Year Member



Thanks Guys.

I added this to my httpd.conf file.
ProxyPass /cotaproxy/ [555.555.555.555...]
(I changed the ip to be the ip of the outside server)

I am trying to understand how this is to work...

I need my server to think that 55.555.55.555 is local or whatever.... so it does not give that security warning.

So in the java applet I call the codebase like this..
[mydomain.com...]

And my server will pull the info from 55.555.55.555?

It still did not work.. but maybe it has something to do with the applet...

thanks so much for everyone's time!

gergoe

9:05 am on Aug 20, 2004 (gmt 0)

10+ Year Member



What happens if you type [mydomain.com...] into your browser's address bar?

kmax

1:24 pm on Aug 20, 2004 (gmt 0)

10+ Year Member



Ahhhh... thanks.
That is the way to test it...
I should have thought of that.

Here is the error I get when I type it like this:
[domain.com...]

Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /cotaproxy/.

Reason: Could not connect to remote machine: Connection refused

--------------------------------------------------------------------------------

Apache/1.3.27 Server at www.domain.com Port 443

thanks

kmax

1:42 pm on Aug 20, 2004 (gmt 0)

10+ Year Member



Oh my gosh!

that server with the remote ip was down!

so it works... when I type
[domain.com...]

I actually get that remote server....

This is great! THANKS TO ALL!

Now to get this applet to work...

Thanks again

kmax

2:29 pm on Aug 20, 2004 (gmt 0)

10+ Year Member



It even works with or without https...

This really makes me think...

Pages that I think are serving secure content might not be... they might be pulling it from a non secure server and using a proxy to hide that....

Thanks again to everyone who helped.
I could not have done it without you.
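
An added example, not part of the thread: a small audit of httpd.conf text for the two risks raised above, a ProxyPass in an SSL virtual host whose backend hop is plain http:// (the hidden cleartext leg kmax describes) and ProxyRequests On, which turns the server into a forward proxy. It assumes Apache 2.x directive names; 192.0.2.10 and backend.example are placeholders and both config fragments are constructed.

```python
def audit_proxy_config(conf_text):
    """Return sorted (line_no, finding) pairs for risky mod_proxy settings in httpd.conf text."""
    findings = []
    scope = {"ssl": False, "passes": []}  # directives seen in the current scope
    def close_scope():
        # SSLEngine may follow ProxyPass, so judge the mappings only once the scope ends.
        if scope["ssl"]:
            for no, path, target in scope["passes"]:
                if target.lower().startswith("http://"):
                    findings.append((no, f"cleartext-backend {path} -> {target}"))
        scope["ssl"], scope["passes"] = False, []

    for no, raw in enumerate(conf_text.splitlines(), 1):
        words = raw.split()
        if not words or words[0].startswith("#"):
            continue
        name = words[0].lower()
        if name in ("<virtualhost", "</virtualhost>"):
            close_scope()
        elif name == "sslengine" and len(words) > 1:
            scope["ssl"] = words[1].lower() == "on"
        elif name == "proxyrequests" and len(words) > 1 and words[1].lower() == "on":
            findings.append((no, "forward-proxy-enabled"))
        elif name == "proxypass" and len(words) >= 3:
            scope["passes"].append((no, words[1], words[2]))
    close_scope()
    return sorted(findings)

# Constructed fragments (assumption: Apache 2.x syntax); hosts are placeholders.
WEAK = """\
ProxyRequests On
<VirtualHost *:443>
    ProxyPass /cotaproxy/ http://192.0.2.10/
    SSLEngine on
</VirtualHost>
"""
HARDENED = """\
ProxyRequests Off
<VirtualHost *:443>
    SSLEngine on
    SSLProxyEngine on
    ProxyPass /cotaproxy/ https://backend.example/
    ProxyPassReverse /cotaproxy/ https://backend.example/
</VirtualHost>
"""

if __name__ == "__main__":
    print(audit_proxy_config(WEAK))
    print(audit_proxy_config(HARDENED))
```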

john_k

5:26 pm on Aug 20, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



> It even works with or without https...

Do you mean it works with https and also with http? Or do you mean it works with https and also if no protocol is specified?

If you are specifying http, and you don't get the prompt, then that would be odd.

If you don't specify any protocol, then it should utilize the same protocol that the main page loaded under (which is https).
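
An added example, not part of the thread: a check that lists the subresources an HTTPS page would fetch over http://, which is what triggers the browser warning discussed above. It shows that the scheme decides, not the host, and that relative or protocol-less references inherit https. The sample markup, the Cota.class name and the host names are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Attributes that make the browser fetch a subresource (an <a href> is navigation, not a fetch).
FETCH_ATTRS = {
    "applet": ("codebase",), "object": ("codebase", "data"), "embed": ("src",),
    "img": ("src",), "script": ("src",), "iframe": ("src",), "link": ("href",),
}

class _Collector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.refs = []  # (tag, attribute, raw value)

    def handle_starttag(self, tag, attrs):
        wanted = FETCH_ATTRS.get(tag, ())
        for name, value in attrs:
            if name in wanted and value:
                self.refs.append((tag, name, value))

def insecure_references(page_url, html):
    """Return (tag, attr, resolved_url) for each subresource an HTTPS page loads over http://."""
    if urlsplit(page_url).scheme != "https":
        return []  # the warning only concerns pages that were themselves loaded over HTTPS
    collector = _Collector()
    collector.feed(html)
    findings = []
    for tag, attr, raw in collector.refs:
        resolved = urljoin(page_url, raw)  # relative and //host URLs inherit the page's scheme
        if urlsplit(resolved).scheme == "http":
            findings.append((tag, attr, resolved))
    return findings

# Constructed sample page; host names are placeholders.
SAMPLE = """
<applet code="Cota.class" codebase="http://www.mydomain.com/cotaproxy/"></applet>
<applet code="Cota.class" codebase="https://www.mydomain.com/cotaproxy/"></applet>
<applet code="Cota.class" codebase="/cotaproxy/"></applet>
<img src="//www.otherdomain.com/logo.gif">
<a href="http://www.otherdomain.com/">link</a>
"""

if __name__ == "__main__":
    for finding in insecure_references("https://www.mydomain.com/page.html", SAMPLE):
        print(finding)
```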

john_k

5:57 pm on Aug 20, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



(I meant to include this with the previous post)
The error you were getting (one or more insecure resources) is displayed by the browser before it attempts to fetch the first non-encrypted resource. So the error would not have been raised due to an error at the server.

kmax

8:26 pm on Aug 20, 2004 (gmt 0)

10+ Year Member



Hello, I mean that it works either way..
If you use http:// or https://

I guess that error was because that remote server was down..

Because it has been working like a charm all day.

I hope this works with all browsers..

Does anyone know?

gergoe

10:08 pm on Aug 20, 2004 (gmt 0)

10+ Year Member



This proxying does not affect the browser at all, all happens on the server side. The browser will see the [domain.com...] as a local url, there's no redirection or anything tricky involved in this, so this is working with all browsers, even with the web spiders...

kmax

4:47 am on Aug 21, 2004 (gmt 0)

10+ Year Member



Thanks. This is great.

I have wanted to set this up for a long time...

Works like a charm.