httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <graham.legg...@dsn.ericsson.se>
Subject [PATCH] Reverse proxy and authentication
Date Tue, 04 May 1999 08:49:47 GMT
Hi all,

This is the patch that fixes authetication when used with a reverse
proxy.

Currently if an attempt is made using a <Location> structure to password
protect a URL that has been reverse proxied, Apache sends a
"Proxy-authenticate" header instead of an "WWW-authenticate" header.
This confuses the browser, which thinks the Apache webserver is a
website and not a proxy, and the authentication fails.

In the code currently a variable request_rec->proxyreq is set non-zero
if the request is a proxy request. This patch extends that variable to
three states, NONE, PROXY and REVERSE with the values 0, 1 and 2
respectively. This is backward compatible with the "non-zero" behaviour,
and allows the authenticate code to distinguish between the requests.

This patch does not yet fix the case where a website is reverse proxied
through another proxy, still working on it.

The src/CHANGES file:

  *) Fixed proxy/www authentication mixup when authenticating reverse
proxied
     URLs. [Graham Leggett <minfrin@sharp.fm>]

No PR's outstanding.

Regards,
Graham
-- 
-----------------------------------------
minfrin@sharp.fm		"There's a moon
					over Bourbon Street
						tonight...
Mime
View raw message