Web Servers General Talk - Reverse Proxy Authentication

This is Interesting: Free IT Magazines  
Home > Archive > Web Servers General Talk > November 2004 > Reverse Proxy Authentication





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Reverse Proxy Authentication
Josh Chilcott

2004-11-29, 2:52 am

I'm running an Apache 1.3 server as an internet accessible reverse
proxy. I have a portion of a backend server that I want to make
available to internet users, but I want the proxy to authenticate the
request to the url before it passes the request to the backend. All I
want the proxy to do is certify the credentials and then allow access
to the url if the credentials are valid. (I do not want the proxy to
pass it on to the backend) The backend server does not authenticate.

Here is what I have tried in my httpd.conf

<VirtualHost _default_:443>

ProxyPass /superneetswag
http://host1.internalserver.com/superneetswag/
ProxyPassReverse /superneetswag
http://host1.internalserver.com/superneetswag/

<Location /superneetswag>
Order deny,allow
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /var/http/passwd/passwords
Require user testauth
</Location>

Authentication is working fine at the proxy. I am prompted for the
username and password and when I enter it the proxy accepts it but
then forwards the credentials to the backend server who intern prompts
me for credential because it does not recognize the user but was given
login information. How do I stop the proxy from forwarding the
credentials? I was under the impression that adding the proxied
subdirectory to <Location> instead of <Directory> would cause the
credentials to be used locally but not passed on to the backend.
Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com