I have updated the description to concisely summarize the investigation progress.
The redirect to /welcome is normal behaviour ... When you enter directly the siteadmin and switch to editmode, does this work?
unfortunately no, it does not work.
Here is what worked for me though. This is the configuration I applied:
# AcceptPathInfo On
# If your origin checks for header, add it with RequestHeader
RequestHeader set X-Auth "some string"
ProxyPass /restapi https://www.origin.com/restapi retry=0 timeout=30
ProxyPassReverse /restapi https://www.origin.com/restapi
ProxyPass / http://18.104.22.168:4502/ retry=0 timeout=30
ProxyPassReverse / http://22.214.171.124:4502/
# You should uncomment the below if you want to debug
# LogLevel debug
1. You must use port 4502
2. You must access the vhost using the alias as above: http://authorproxy:4502/libs/cq/core/content/login.html
3. /etc/hosts must contain record for authorproxy pointing to the server real IP address
For me that sounds not good. I think, that it should enough to have the
ProxyPass / http://126.96.36.199:4502/
ProxyPassReverse / http//.188.8.131.52:4502
to make it work. When you need to have matching port numbers, some rewrites are not happening properly.
I am looking into that right now. The redirections are indeed probable cause but I am not sure on how to set them up correctly
What I have noticed is that if I use Chrome, and access http://authorproxy:4502/libs/cq/core/content/login.html, I get 403 forbidden after I enter credentials in the authentication pop-up window. If I use Firefox, then I can login normally.
However, if I log out in Firefox, I am redirected to http://authorproxy:4502/libs/cq/core/content/welcome.html and that gives 404 not found!
The above authentication pop-up window really looks like the authentication is done against Felix and NOT CQ5 WCM..?
Furthermore, the above issue with Chrome happens also with Firefox, but in slightly different way as the 403s do not persist.
1. Login to http://authorproxy:4502/libs/cq/core/content/login.html using Firefox
2. Click sign out
3. The call that is made after the sign out is: http://anonymous:null@lab2authorproxy:4502/?sling:authRequestLogin=1&j_validate=true
4. That call results in authentication pop-up window
5. Clicking cancel on that window results in 401 unauthorized, while entering admin credentials makes no result with the following response (despite disabling of HTTP basic authentication):
- Request URL:http://authorproxy:4502/libs/cq/core/content/login.html
- Request Method:GET
- Status Code:401 Unauthorized
- Request Headersview source
- User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.72 Safari/537.36
- Response Headersview source
- Content-Type:text/html; charset=iso-8859-1
- Date:Tue, 16 Jul 2013 09:58:22 GMT
- Keep-Alive:timeout=5, max=100
- WWW-Authenticate:Basic realm="Day Communique 5"