I have an HTTPD apache reverse Proxy in a docker container on my PC. It manages also the authentication toward openidc sso. Because I need to configure 3 different SSO on same host I configured 3 virtualHost in HTTPD.conf. I need that the first one redirect towards the 2 other depending on sub-route path. Here is my configuration :
<VirtualHost *:80>
ServerName ${MON_IP_HOST}
OIDCProviderMetadataURL http://SSO1…….
<Location />
#public
</Location>
<Location /api/SSO1/login>
AuthType openid-connect
Require valid-user
</Location>
ProxyPreserveHost On
ProxyPass /api/sso2/login http://internal_sso2/api/sso2/login
ProxyPassReverse /api/sso2/login http://internal_sso2/api/sso2/login
ProxyPass /api/sso3/login http://sso3_local/api/sso3/login
ProxyPassReverse /api/sso3/login http://sso3_local/api/sso3/login
#--- main proxy pass ---
ProxyPass / ${banckendapiurl}
ProxyPassReverse / ${banckendapiurl}
</VirtualHost>
<VirtualHost internal_sso2:80>
ServerName internal_sso2
OIDCProviderMetadataURL http://SSO2 ……
<Location />
AuthType openid-connect
Require valid-user
</Location>
ProxyPreserveHost On
ProxyPass / ${banckendapiurl}
ProxyPassReverse / ${banckendapiurl}
</VirtualHost>
<VirtualHost sso3_local:80>
ServerName sso3_local
OIDCProviderMetadataURL http://SSO3….
<Location />
AuthType openid-connect
Require valid-user
</Location>
ProxyPreserveHost On
ProxyPass / ${banckendapiurl}
ProxyPassReverse / ${banckendapiurl}
</VirtualHost>
And the /etc/hosts file contains :
127.0.0.1 localhost sso3_local internal_sso2
But when I call from a web browser the routes : /api/sso2/login or api/sso3/login They both forward to the second virualhost only because it is defined in second position (if I place it in third position both call redirect toward sso3_local )
So what is wrong and how can I correctly prowypass internally to several virtual host ?