今天在Redhat5 Linux上配置Apache和Tomcat整合,希望将Jsp页面的地址转发到tomcat的地址上去。
如真实的Jsp地址为 http://127.0.0.1:8080/jsp/
希望通过访问 http://127.0.0.1/jsp/ 也可以访问到。
于是在Apache中配置ProxyPass :
ProxyPass /jsp http://localhost:8080/jsp
但发现当访问的时候发现不可访问,出现503错误:
Service Temporarily Unavailable The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later. Apache Server at localhost Port 80
查看apache日志/var/log/httpd/error_log:
[Wed Aug 10 21:02:27 2011] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 10.140.0.109:7080 (127.0.0.1) failed [Wed Aug 10 21:02:27 2011] [error] ap_proxy_connect_backend disabling worker for (10.140.0.109) [Wed Aug 10 20:30:51 2011] [error] proxy: HTTP: disabled connection for (127.0.0.1)
日志/var/log/httpd/access_log:
127.0.0.1- - [10/Aug/2011:21:02:27 -0400] "GET /jsp/ HTTP/1.0" 503 401 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; CIBA; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
经过查资料和分析怀疑是SELinux的原因,于是查看果然是:
[root@ logs]# /usr/sbin/getsebool -a |grep httpd_can_network_connect httpd_can_network_connect --> off
于是尝试解决方案:
我们需要将httpd_can_network_connect设置为on:
[root@ logs]# /usr/sbin/setsebool -P httpd_can_network_connect=1 [root@ logs]# /usr/sbin/getsebool -a |grep httpd_can_network_connect httpd_can_network_connect --> on
重新访问,页面果然可以访问了。
另外直接关掉SELinux也是可以解决这个问题的:
修改/etc/selinux/config 然后重启:
SELINUX=disabled
或者实时生效的方式:
[root@ var]# /usr/sbin/setenforce 0