httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Edward Muller <>
Subject Re: [users@httpd] Exchange 2K OWA w/IE clients
Date Thu, 18 Sep 2003 20:23:38 GMT
Figured it out:

The problem was not with my rules, but with IIS. I needed to not only
enable Basic Authentication (which was done when we disabled Integrated
Windows Authentication) but also specify a default domain for /exchange
(which was already done I think) and also /public and /exchweb. This
allows the authentication to work for those urls as well.

Anyway ... Here are the rules we are using so everyone else doesn't need
to do it the other way:

#The ProxyPreserceHost needs to be done in the serverconfig or virtual
host only, won't work in a LocationMatch
ProxyPreserveHost On

<LocationMatch "^/(exchange|exchweb|public)">
        RequestHeader set Front-End-Https on

ProxyPass /exchange
ProxyPassReverse /exchange
ProxyPass /exchweb
ProxyPassReverse /exchweb
ProxyPass /public
ProxyPassReverse /public


replace the IP address with the IP address of your exchange
You should then be able to access OWA via https://<web server

Public folders and all work.

On Thu, 2003-09-18 at 13:46, Edward Muller wrote:
> A client of ours recently (last weekend) migrated to Exchange 2K, from
> Exchange 5.5.
> Before the migration apache proxied Exchange 5.5's OWA just fine with a
> simple rewrite rule.
> After the upgrade it didn't work. So we did a little research and came
> up with the following directive set that works for NON-IE clients (i.e.
> it works fine with Mozilla/FireBird, Opera seems to have the same
> problem as IE though regardless of Identify string):
> ProxyPreserveHost On
> RequestHeader set front-end-https: on
> ProxyPass /exchange
> ProxyPassReverse /exchange
> ProxyPass /exchweb
> ProxyPassReverse /exchweb
> ProxyPass /public
> ProxyPassReverse /public
> The IP is their exchange server sitting on a private subnet
> behind the firewall.
> The HTML passed to IE/Opera is different than the HTML passes to
> Mozilla/Firebird. The HTML itself loads okay (with a single
> authentication check), but I seem to get an authentication check for
> each <img/> that is being loaded in the IE page. I took a look at the
> HTML and the <img/>'s src is all withing the Proxied space so it's a
> little confusing.. For instance...
> One of the images is https://<webserver>/exchweb/img/tool-move.gif,
> which should just be proxied without problems AFAICT.
> Even if I put in the proper credentials for each img the img still
> doesn't load.
> Oh, and we did turn off windows integrated authentication as well.
> Has anyone run into this? Does anyone know what we are doing wrong?
> Thanks,
Edward Muller - - "Open Source Specialists"
Dedicated Zope Hosting - Web Hosting - Open Source Consulting
Network & PC Service & Support - Custom Programming
Phone: 417-862-0573 - Cell: 417-844-2435 - Fax: 417-862-0572
Jabber: - AIM: edwardam453 - ICQ: 287033

View raw message