httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "O´Hehir,Oliver" <Oliver.OHe...@tre.se>
Subject [users@httpd] RE: Rewrite a URL and then ProxyPass it?
Date Tue, 11 Mar 2003 17:58:54 GMT
FYI,

In the end, since I still couldn't get REMOTE_USER variable in my rewrite rules, I used the
"Authorization" request header to get the REMOTE_USER in the back end server. 

This request header contains the remote user and password encoded (format <username>:<password>)
in base64. It is passed from the browser to the front end host (Apache), which acts as a transparent
proxy, and then onto the back end host. So at the back end host, in order to get the ID of
the REMOTE_USER, I decode the base 64 string in the header and parse the resulting string
for the user ID.

Oliver.

-----Original Message-----
From: O´Hehir,Oliver 
Sent: den 5 mars 2003 15:05
To: users@httpd.apache.org
Subject: RE: Rewrite a URL and then ProxyPass it?


Help! 

REMOTE_USER is still missing when I rewrite the URL. Can anyone shed some light as it is missing?


I thought that once I protected the Proxy with security then REMOTE_USER would become available
for use. I know that the REMOTE_USER is logged in the access log file, but it never appears
in the rewrite log file. Any suggestions would be very appreciated!

Oliver.

PS.
This is my httpd.conf:

# Rewrite settings
<IfModule mod_rewrite.c>
	RewriteEngine on
	RewriteLog logs/rewrite.log
	RewriteLogLevel 9
# If the REMOTE_USER env var is present, then append it to the URL
# ^.*$ means search for 1 to X characters
	RewriteCond %{REMOTE_USER}   ^.+$
	RewriteRule ^/webApp_proxy/(.*)$  http://1.1.1.1:7005/webApp/$1?REMOTE_USER=%{REMOTE_HOST}&{QUERY_STRING}
[P]
# If the REMOTE_USER env var is not present, then don't append it to the URL
	RewriteCond %{REMOTE_USER}   !^.+$
	RewriteRule ^/webApp_proxy/(.*)$  http://1.1.1.1:7005/webApp/$1 [P]
</IfModule>

#Proxy settings
<IfModule mod_proxy.c>
ProxyRequests On
ProxyPassReverse /webApp_proxy/ http://1.1.1.1:7005/webApp/

<Proxy *>
    Order deny,allow
    Deny from all
    Allow from all
    AuthType Basic
    AuthName "Password Required"
    AuthUserFile password.file
    AuthGroupFile group.file
    require group usergroup
</Proxy>
</IfModule>
# End of proxy directives.




And this is what I get from my access and rewrite log:

... unauthenticated users makes a request...

(2) init rewrite engine with requested uri /webApp_proxy/
(3) applying pattern '^/webApp_proxy/(.*)$' to uri '/webApp_proxy/'
(4) RewriteCond: input='' pattern='^.+$' => not-matched
(3) applying pattern '^/webApp_proxy/(.*)$' to uri '/webApp_proxy/'
(4) RewriteCond: input='' pattern='!^.+$' => matched
(2) rewrite /webApp_proxy/ -> http://1.1.1.1:7005/webApp/
(2) forcing proxy-throughput with http://1.1.1.1:7005/webApp/
(1) go-ahead with proxy request proxy:http://1.1.1.1:7005/webApp/ [OK]
"GET /webApp_proxy/ HTTP/1.1" 401 485

...the user,Testuser1, enters username and password...

(2) init rewrite engine with requested uri /webApp_proxy/
(4) RewriteCond: input='' pattern='^.+$' => not-matched
(3) applying pattern '^/webApp_proxy/(.*)$' to uri '/webApp_proxy/'
(4) RewriteCond: input='' pattern='!^.+$' => matched
(2) rewrite /webApp_proxy/ -> http://1.1.1.1:7005/webApp/
(2) forcing proxy-throughput with http://1.1.1.1:7005/webApp/
(1) go-ahead with proxy request proxy:http://1.1.1.1:7005/webApp/ [OK]
Testuser1 "GET /retail_proxy/ HTTP/1.1" 502 316






-----Original Message-----
From: O´Hehir,Oliver 
Sent: den 3 mars 2003 17:19
To: 'users@httpd.apache.org'
Subject: Rewrite a URL and then ProxyPass it?


Hej!

Is it possible to do the following? Rewrite a client's URL with the REMOTE_USER as a request
parameter on the URL, and then pass this rewritten URL through a proxy for a backend server,
i.e. the client (johndoe) sees that his submitted URL has changed from http://frontEndHost/webApp
to http://frontEndHost/webApp?REMOTE_USER=johndoe, but doesn't see that his request actual
goes to a backend webserver as http://backEndHost/webapp?REMOTE_USER=johndoe. 

Note: the front end server has basic authentication on, which would make REMOTE_USER available.


My configuration in httpd.conf:
RewriteEngine on
RewriteRule ^/webApp(.*)$  /webApp$1?REMOTE_USER=%{REMOTE_USER}&%{QUERY_STRING} [P]

ProxyRequests On
ProxyPass /webApp/ http://backEndHost/webapp
ProxyPassReverse /webApp/ http://backEndHost/webapp


Does the fact that mod_rewrite is after mod_proxy (see below) in the configuration mean rewrite
gets called before proxy?

$ ../bin/httpd -l
Compiled in modules:
  core.c
  mod_access.c
  mod_auth.c
  mod_include.c
  mod_log_config.c
  mod_env.c
  mod_setenvif.c
  mod_proxy.c
...
  mod_rewrite.c
 

Thanks in advance!

Oliver.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message