httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Neil A. Hillard" <>
Subject Re: [users@httpd] Mod_Proxy_html, MS exchange, and another web server
Date Tue, 30 May 2006 15:04:37 GMT

> Currently I am using Apache 2.0.52 (patched with the ProxyPassCookie)
> and what we are trying to do is rather complicated, but let me explain.
> I am using mod_proxy_html as well to try to make the following work:
> We have the Apache server running as a proxy.  Behind it we have an
> exchange server and another server running more asp/dotnet pages. We
> want both of the web servers to "appear" like one server being proxied
> by Apache, and only hand out exchange requests when the user hits an
> exchange folder (i.e. /exchange, /exweb, etc.), and the other pages when
> it hits the other site (i.e. /  ).  I have tried mod_proxy_html to
> rewrite the header and links, but this appears to "break" the NTLM
> authentication when it is in use.  
> As a proxy, Apache works with both of these as disjointed web sites. The
> problem comes when trying to "put them together" as it were.
> My main question is about the mod_proxy_html usage, although at this
> point I am happy to get anything that will help.

NTLM authentication itself is fundamentally broken anyway - it makes
assumptions which it shouldn't do.  It won't work through a proxy
(unless that proxy takes special steps to ensure that it doesn't break
it, which it shouldn't need to bother with).

The moral of the story is - don't use NTLM!

You may be able to perform the authentication in Apache and pass it
through to Exchange in a header - I've worked with other products that
allow this but I've never worked with Exchange.  I'm currently using
mod_auth_kerb to do this with a backend proprietary server.



Neil Hillard          
Westland Helicopters Ltd.

Disclaimer: This message does not necessarily reflect the
            views of Westland Helicopters Ltd.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message