Hi Fellow presales engineers,
We have a need to setup a CAS to access an AMD via a proxy for a PoC . The reason for this is that only this permitted PC can get to the AMD via a firewall.
The proxy does not have any authentication requirements...
We have done the following so far;
However the CAS gives the following errors when polling the AMD...( from server.log)
E JUL 14-06-23 07:26:02.824 SEVERE:com.compuware.frameworks.security.client.impl.ManagementServiceClientCache$BulkUpdate:getSecurityBulkData:<Exception during BULK update from CSS: Service unavailable; > | << exception >> |
1 ADM 14-06-23 07:26:23.182 ServerState 10.158.141.90:9091/hid?id=b16ade7df4_80_rtm using GET, protocol HTTP, user compuware, authentication BASIC received response code 401. Change authentication. | |
1 ADM 14-06-23 07:26:23.213 ServerState 10.158.141.90:9091/hid?id=b16ade7df4_80_rtm using GET, protocol HTTP, user compuware, authentication DIGEST received response code 401. Change authentication. | |
1 ADM 14-06-23 07:26:23.650 ServerState 10.158.141.90:9091/hid?id=b16ade7df4_80_rtm using GET, protocol HTTP, user compuware, authentication BASIC received response code 401. Change authentication. | |
1 ADM 14-06-23 07:26:23.650 ServerState 10.158.141.90:9091/hid?id=b16ade7df4_80_rtm using GET, protocol HTTP, user compuware, authentication DIGEST received response code 401. Change authentication. | |
E RTM 14-06-23 07:26:23.650 Cannot get license information for probe -1 [10.158.141.90:9091]. |
OK so it cant get to do something with the CSS but...
It seems as if Apache is sending a 401 back to the CAS in response to its authentication attempt which it seems unable to process..
If a browser is used, filing out the login/password for the AMD works fine...
Are we "barking up the wrong tree" here? e.g has this problem been already solved?
Just thought I would ask before I commence the in-depth troubleshooting....
Regards
AP
Answer by Anthony P. ·
Hi all,
I managed to get this working but not completely...e.g after about 8 hours I have to restart the CAS service if I wish to log in to the CAS...
OK for a PoC though.
But the CAS is talking to the AMD fine via the Apache proxy as long as the proxy does not reside on the same server as the CCS/ RUM console
This is what I did...
ProxyRequests On
ProxyVia On
<Proxy *>
Order deny,allow
Deny from all
Allow from 141.168.21.84
</Proxy>
-DproxySet=true -DproxyHost=141.168.21.20 -DproxyPort=3128 -DnonProxyHosts=141.168.21.19
CAS3 ---------- >Proxy|CAS2-------- >FW---------- >AMD
.84---------------->.20-------------------------------------->AMD
Hope this helps
Regards
AP
Answer by Anthony P. ·
Hi Adam,
Thanks for the reply.
I have, its Case #00902719...
Just trying to procure traces now...
regards
AP
JANUARY 15, 3:00 PM GMT / 10:00 AM ET