session-prototype_manager.conf

session-prototype_manager.conf

#############################################
##
## Session Prototype Manager Service
##
#############################################

<IfModule !headers_module>
    LoadModule headers_module modules/mod_headers.so
</IfModule>

# ---------------------
# SSL Configuration.
# ---------------------

# --------------------------------------------------------
#  SSL Functions
#  For Public APIs
# --------------------------------------------------------
<VirtualHost *:443>

    ServerName snpt-mgt01.q1-np.aws.diva.rs.scei.sony.co.jp
    #ServerAlias *.*.q1-np.community.playstation.net

    ErrorLog "|/usr/sbin/rotatelogs /etc/httpd/logs/session-prototype-manager-ssl-error-log.%Y-%m-%d-%H 3600"
    CustomLog "|/usr/sbin/rotatelogs /etc/httpd/logs/session-prototype-manager-ssl-access-log.%Y-%m-%d-%H 3600" nps_ssl_combined_uuid
    LogLevel warn

    SSLEngine on
    SSLProtocol -ALL +TLSv1 +TLSv1.1 +TLSv1.2
    SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:AES128-SHA256:AES128-SHA:AES256-SHA256:AES256-SHA:DES-CBC3-SHA
    SSLHonorCipherOrder on

    SSLCertificateFile      /sce/c7y/httpd/ssl-cert/server.crt
    SSLCertificateKeyFile   /sce/c7y/httpd/ssl-cert/server.key

    # mod_proxy
    ProxyRequests Off

    # Enable ProxyErrorOverride
    ProxyErrorOverride Off

    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>

    # Default Deny.
    <Location "/">
        Deny from all
    </Location>

    # This is originally the endpoint of Trophy. And this endpoint will be abolished in Session Prototype Manager.
    # Keep this endpoint for the E2E tests to check if the common fundamental functions (e.g. access token validation, accessing to Redis, and so on) are working.
    # TODO
    # Delete this configuration after the E2E tests for Session Manager are created.
    # Session Prototype Manager SSL Debug Functions.
    <Location "/session/debug/v1/">
        Order deny,allow
        Deny from all
        # e1-np では公開、np では非公開設定としてください。
        # 公開する場合(e1-np)は下記行(Allow from ...)の "#" のコメントアウトを解除して、Session Prototype Manager debugにアクセスできる設定にしてください。
        # 非公開にする場合(np)は下記行(Allow from ...)を "#" でコメントアウトしたままにしてください。
        Allow from all
        ProxyPass http://tomcat:8080/session-manager-prototype/debug/
    </Location>

    # This is originally the endpoint of Trophy. And this endpoint will be abolished in Session Prototype Manager.
    # Keep this endpoint for the E2E tests to check if the common fundamental functions (e.g. access token validation, accessing to Redis, and so on) are working.
    # TODO
    # Delete this configuration after the E2E tests for Session Manager are created.
    # Session Prototype Manager SSL WebAPI (VSH/SDK) AID Functions.
    <Location "/session/act/v1/">
        Allow from all
        ProxyPass http://tomcat:8080/session-manager-prototype/aid/  keepalive=On
    </Location>

    # Session Prototype Manager SSL WebAPI for Session Prototype Manager
    <Location "/session/v1/">
        Allow from all
        ProxyPass http://tomcat:8080/session-prototype-manager/  keepalive=On
    </Location>

    # Session Prototype Manager SSL Health Check Functions.
    <Location "/healthCheck">
        SetEnvIf X-Forwarded-For "\\*" via_elb
        Order allow,deny
        Allow from 10.0.0.0/8
        Deny from via_elb
        ProxyPass http://tomcat:8080/session-prototype-manager/healthCheck
        SetEnv force-proxy-request-1.0 1
        SetEnv proxy-nokeepalive 1
    </Location>

</VirtualHost>