httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Petr Hracek <phrac...@gmail.com>
Subject Proxy authentication
Date Mon, 11 Jul 2011 13:28:38 GMT
Dear users,

I have problems with proxy authorization and I could not image where
is a problem.

Configuration in my <VirtualHost section is>:

<VirtualHost _default_:443>
SSLEngine on
SSLProxyEngine on
ProxyRequests off

RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteMap pages txt:/opt/httpd2/conf/pages.txt
RewriteRule ^/([^/]+)    ${pages:$1|/$1} $
RewriteRule ^/([^/]+)/(.*)    ${pages:$1|/opt/httpd2/htdocs/ssldocs/$1}/$2 [L]

<Directory />
   Options Includes Multiviews FollowSymLinks
   AllowOverride None
   Order deny,allow
   Deny from all
</Directory>
<Directory "/opt/httpd2/htdocs/ssldocs/">
    AuthType SECURE_USER
    require valid-user
    Satisfy Any
</Directory>

<IfModule mod_authz_host.c>
  <Directory />
      Options + Indexes +Multiviews
      AuthType SECURE_USER
      require valid-user
      satisfy Any
  </Directory>
<Location "/ATS/">
   AuthType SECURE_USER
   require valid-user
   ProxyPass http://192.2.0.25:8080/ATSAdmin
   ProxyPassReverse http://192.2.0.25:8080/ATSAdmin
   satisfy Any
</Location>

</IfModule>

</VirtualHost>

In the module is mentioned:
r->ap_auth_type = SECURE_USER;
Format of the file pages.txt is:

App1   /opt/App1/htdocs App1
App2   /opt/App2/htdocs App2
App3   /opt/App3/htdocs App3

https://<IP_Address/App1 showing my own authorization.

When I will enter https://<ip_address>/ATS/ I want to authorized over
my module and when the authorization is done the it is proxied to the
http://192.2.0.25:8080/ATSAdmin.

Could you please let me know where I have made a mistake?

My module have following hooks:
static void register_hooks(apr_pool_t *p)
{
    ap_hook_post_config(init_Module,NULL,NULL,APR_HOOK_MIDDLE);
    ap_hook_auth_checker(auth_handler,NULL,NULL,APR_HOOK_MIDDLE);
    ap_hook_check_user_id(access_handler,NULL,NULL,APR_HOOK_MIDDLE);
    ap_hook_handler(notification_handler,NULL,NULL,APR_HOOK_MIDDLE);
    ap_hook_fixups(fixups,NULL,NULL,APR_HOOK_MIDDLE);
    ap_hook_child_init(init_Child,NULL,NULL,APR_HOOK_MIDDLE);
    ap_hook_handler(secure_handler,NULL,NULL,APR_HOOK_MIDDLE);
    ap_hook_handler(login_handler,NULL,NULL,APR_HOOK_MIDDLE);
    ap_hook_handler(single_login_handler,NULL,NULL,APR_HOOK_MIDDLE);
    ap_hook_handler(logout_handler,NULL,NULL,APR_HOOK_MIDDLE);
}

When the access_checker return value is OK than it shown me page 404.
When the access_checker return value is DECLINED that it shown me page
unauthorized access.
Shal I use some http redirection to the proxy pages?

When I will do that so that configuration is:
<Location /wbm1>
        ProxyPass http://192.2.0.25/
        Order deny,allow
    Allow from all
    AuthType Basic
    AuthName "Password Required"
    AuthUserFile password.file
    AuthGroupFile group.file
    Require group usergroup
</Location>

Than all works fine.
-- 
Best Regards / S pozdravem
Petr Hracek

Mime
View raw message