Return-Path: X-Original-To: apmail-httpd-dev-archive@www.apache.org Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 0344F76DD for ; Tue, 26 Jul 2011 13:22:41 +0000 (UTC) Received: (qmail 96300 invoked by uid 500); 26 Jul 2011 13:22:40 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 96205 invoked by uid 500); 26 Jul 2011 13:22:38 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 96196 invoked by uid 99); 26 Jul 2011 13:22:38 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 26 Jul 2011 13:22:38 +0000 X-ASF-Spam-Status: No, hits=-0.6 required=5.0 tests=FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,NORMAL_HTTP_TO_IP,RCVD_IN_DNSWL_LOW,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of phracek2@gmail.com designates 209.85.216.180 as permitted sender) Received: from [209.85.216.180] (HELO mail-qy0-f180.google.com) (209.85.216.180) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 26 Jul 2011 13:22:31 +0000 Received: by qyk30 with SMTP id 30so374245qyk.18 for ; Tue, 26 Jul 2011 06:22:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; bh=TtgvtC125WR3j7LPJgsqi+RgnJVF8cWK8wu3SzMGdfI=; b=QVQaMrxnfrM6HYct0x27bUibtCiU+K6NSRnDY3d1EZOzyiaz/llKTQK0Ik+gFwg82z jl4wIvRVLfVTHX0lG+ENBcHXz3uDwIPk/1kvBwNDtC47MmMHTrV1QdMbrByvuKSo2erF bmrVllJ8JpSfsXwz4G9q5xH+Kcb/FmfvZdvpI= MIME-Version: 1.0 Received: by 10.224.184.142 with SMTP id ck14mr2513760qab.168.1311686530016; Tue, 26 Jul 2011 06:22:10 -0700 (PDT) Received: by 10.224.20.84 with HTTP; Tue, 26 Jul 2011 06:22:09 -0700 (PDT) Date: Tue, 26 Jul 2011 15:22:09 +0200 Message-ID: Subject: Authentication and ReverseProxy to more servers From: Petr Hracek To: dev@httpd.apache.org Content-Type: text/plain; charset=UTF-8 X-Virus-Checked: Checked by ClamAV on apache.org Dear developers, sorry for bother you with that question but I could not imagine where I have made a problem? Situation have to be following: I have MAIN server connected to the intranet. To that MAIN server are connected some other servers. In the MAIN server is buildup proprietary authentication module which is used for authorization and authentication. When the user write down in URL somethink like: https:///application1 then this should be reversed proxied to the http://192.168.0.20:8080/appl1 https:///application2 then this should be reversed proxied to the http://192.168.0.30:8080/appl2 Both applications like application1 and application2 have to be authorized first in the MAIN server and than proxied to the relevant servers. Authentication works fine but it is not proxied. In the /var/log/apache2/error_log file is not mentioned and log from mod_proxy.c module and ReverseProxy is not working at all. In the log is mentioned only: File does not exists: /srv/www/htdocs/ssldocs/application1 But this is true because of it has to be proxied. Handlers in my modules are: static void register_hooks(apr_pool_t * p) { static const char * const aszPre[]={"mod_proxy.c","mod_proxy_http.c","mod_proxy_ajp.c",NULL}; ap_hook_auth_checker(access_handler,NULL,NULL,APR_HOOK_FIRST); ap_hook_check_user_id(auth_handler,NULL,NULL,APR_HOOK_FIRST); } Should be there add ap_hook_map_to_storage? Could you please let me know how to do it? Configuration file in MAIN server looks like: DocumentRoot "/srv/www/htdocs/ssldocs" SSLEngine on SSLProxyEngine on ProxyRequests Off AuthType OwnSec require valid-user Order Allow,deny Allow from all ProxyPass /application1 http://192.168.0.20:8080/appl1 ProxyPassReverse /application1 http://192.168.0.20:8080/appl1 ProxyPass /application2 http://192.168.0.30:8080/appl1 ProxyPassReverse /application2 http://192.168.0.30:8080/appl2 -- Best Regards / S pozdravem Petr Hracek