Hi
I am trying to use Apache to act as a proxy/reverse-proxy which will
authenticate the users, update the header with the authetication
information and then forward the request an Application Web Server.
I'm using the mod_auth_sspi to authenticate and I have used the
<Location /> to validate the users.
I found a great reply in this forum for how to propagate the
REMOTE_USER etc to the Application Web Server and this works well.
However, we I try and use the REMOTE_USER it is NULL.
I think that my http.conf is not quite right and the rewrite rules are
forwarding the request before the authetication modules have run.
Here is the VirtualHost section from the http.conf
RewriteEngine On
RewriteLog "c:/WebServ/logs/httpd/rewrite.log"
RewriteLogLevel 9
RewriteCond %{REMOTE_USER} (.*)
RewriteRule .* - [E=R_U:%1]
RequestHeader add REMOTE-USER %{R_U}e
RewriteCond %{QUERY_STRING} (.+)
RewriteRule (^/irj/.*)
http://h1703910:8011/$1?%1 [P]
RewriteRule (^/irj) http://h1703910:8011/$1
[P]
<Location />
AllowOverride None
Options None
Order allow,deny
Allow from all
AuthName "Login using your NT username and
password"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative Off
SSPIOfferBasic Off
require valid-user
</Location>
What is the correct way to do this or am I on the wrong track?
Thanks in advance.
Doug Phillips
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
|