You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Andrew Parker <an...@gmail.com> on 2012/11/27 18:12:25 UTC
[users@httpd] Inline Login with mod_auth_form 405 error
I'm trying to get couchpotato set up in a reverse proxy with apache 2.4.3 using mod_auth_form for authentication. The proxy is working fine, but the authentication is not working as expected.
When I browse to my password protected url I get a 401 status which I am over riding according to the inline login documentation for the mod_auth_form module. This redirects me to my login page and all this is working correctly. However, when I fill in my login form and submit it, I get a 405 error: The method POST is not allowed for the requested URL. This is returned by the couchpotato web server, which is Tornado I think. It seems that a method for a POST request has not been implemented in the couchpotato handler and that is why it is throwing a 405 error.
My real question is why is this POST request ever making it to the couchpotato server? From the mod_auth_form documentation found at http://httpd.apache.org/docs/2.4/mod/mod_auth_form.html:
"When the end user has filled in their login details, the form will make an HTTP POST request to the original password protected URL. mod_auth_form will intercept this POST request, and if HTML fields are found present for the username and password, the user will be logged in, and the original password protected URL will be returned to the user as a GET request."
According to this it seems that the request going to the couchpotato server should be a GET request after the mod_auth_form has intercepted the POST from my login form.
Here is the access log from apache:
- - [27/Nov/2012:09:32:03 -0700] "GET /couchpotato/ HTTP/1.1" 401 1160 (The original request)
- - [27/Nov/2012:09:32:03 -0700] "GET /css/style.css HTTP/1.1" 200 21959 (These are resources from the login page)
- - [27/Nov/2012:09:32:03 -0700] "GET /javascript/functions.js HTTP/1.1" 200 386 (These are resources from the login page)
- - [27/Nov/2012:09:32:11 -0700] "POST /couchpotato/ HTTP/1.1" 405 183 (This is after I submit the login form)
Here is my virtual host config, Location /couchpotato/ being the one of interest:
<VirtualHost *:80>
ServerName myserver.com
RedirectPermanent / https://myserver.com/
</VirtualHost>
<VirtualHost *:443>
ServerName myserver.com
SSLEngine On
SSLProxyEngine On
RewriteEngine On
SSLCertificateFile /usr/local/apache2/auth/apache.pem
DocumentRoot /var/www
RedirectMatch ^/sickbeard$ /sickbeard/
RedirectMatch ^/couchpotato$ /couchpotato/
SetEnv proxy-initial-not-pooled 1
SetEnv proxy-nokeepalive 1
SetEnv force-proxy-request-1.0 1
ProxyPreserveHost On
<Directory />
Order deny,allow
Allow from all
AllowOverride None
</Directory>
<Location /rutorrent>
Order deny,allow
Allow from all
AuthFormProvider file
AuthType form
AuthName "My Login"
Session On
SessionCookieName session path=/
require valid-user
# This is the login page
ErrorDocument 401 /login.html
# This is the file containing users login data
AuthUserFile /usr/local/apache2/auth/rutorrent_passwd
</Location>
<Location ~ "^/rutorrent/(conf|share)">
Order deny,allow
Deny from all
</Location>
<Location ~ "/\\.svn">
Order deny,allow
Deny from all
</Location>
<Location /sickbeard/>
Order deny,allow
Allow from all
ProxyPass http://localhost:8081/sickbeard/
ProxyPassReverse http://localhost:8081/sickbeard/
AuthFormProvider file
AuthType form
AuthName "My Login"
Session On
SessionCookieName session path=/
require valid-user
# This is the login page
ErrorDocument 401 /login.html
# This is the file containing users login data
AuthUserFile /usr/local/apache2/auth/rutorrent_passwd
</Location>
<Location /couchpotato/>
Order deny,allow
Allow from all
ProxyPass http://localhost:5050/couchpotato/
ProxyPassReverse http://localhost:5050/couchpotato/
AuthFormProvider file
AuthType form
AuthName "My Login"
Session On
SessionCookieName session path=/
require valid-user
# This is the login page
ErrorDocument 401 /login.html
# This is the file containing users login data
AuthUserFile /usr/local/apache2/auth/rutorrent_passwd
</Location>
<Location /public>
Order deny,allow
Allow from all
</Location>
</VirtualHost>
And here is the login page html:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="yes" name="apple-mobile-web-app-capable" />
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<meta content="minimum-scale=1.0, width=device-width, maximum-scale=0.6667, user-scalable=no" name="viewport" />
<link href="//myserver.com/css/style.css" rel="stylesheet" media="screen" type="text/css" />
<script src="//myserver.com/javascript/functions.js" type="text/javascript"></script>
<title>My Login</title>
</head>
<body>
<div id="topbar">
<div id="title">My Login</div>
</div>
<div id="content">
<form method="post" action="">
<ul class="pageitem">
<li class="bigfield"><input placeholder="Name" name="httpd_username" type="text" /></li>
<li class="bigfield"><input placeholder="Password" name="httpd_password" type="password" /></li>
</ul>
<ul class="pageitem">
<li class="button">
<input name="login" type="submit" value="Login" />
</li>
</ul>
</form>
</div>
<div id="footer">
</div>
</body>
</html>
[users@httpd] Re: Inline Login with mod_auth_form 405 error
Posted by Andrew Parker <an...@gmail.com>.
I figured out a way to get this working. Im my couchpotato location in the apache config I added this:
AuthFormLoginSuccessLocation https://myserver/couchpotato/
Now I get taken to the page successfully after I login. The way I understand it is that it should work without this directive, and just send a GET request to what ever password protected url you browsed to in the first place. But this solves the problem for me in this situation.
On Nov 27, 2012, at 10:12 AM, Andrew Parker <an...@gmail.com> wrote:
> I'm trying to get couchpotato set up in a reverse proxy with apache 2.4.3 using mod_auth_form for authentication. The proxy is working fine, but the authentication is not working as expected.
>
> When I browse to my password protected url I get a 401 status which I am over riding according to the inline login documentation for the mod_auth_form module. This redirects me to my login page and all this is working correctly. However, when I fill in my login form and submit it, I get a 405 error: The method POST is not allowed for the requested URL. This is returned by the couchpotato web server, which is Tornado I think. It seems that a method for a POST request has not been implemented in the couchpotato handler and that is why it is throwing a 405 error.
>
> My real question is why is this POST request ever making it to the couchpotato server? From the mod_auth_form documentation found at http://httpd.apache.org/docs/2.4/mod/mod_auth_form.html:
> "When the end user has filled in their login details, the form will make an HTTP POST request to the original password protected URL. mod_auth_form will intercept this POST request, and if HTML fields are found present for the username and password, the user will be logged in, and the original password protected URL will be returned to the user as a GET request."
>
> According to this it seems that the request going to the couchpotato server should be a GET request after the mod_auth_form has intercepted the POST from my login form.
>
>
> Here is the access log from apache:
>
> - - [27/Nov/2012:09:32:03 -0700] "GET /couchpotato/ HTTP/1.1" 401 1160 (The original request)
> - - [27/Nov/2012:09:32:03 -0700] "GET /css/style.css HTTP/1.1" 200 21959 (These are resources from the login page)
> - - [27/Nov/2012:09:32:03 -0700] "GET /javascript/functions.js HTTP/1.1" 200 386 (These are resources from the login page)
> - - [27/Nov/2012:09:32:11 -0700] "POST /couchpotato/ HTTP/1.1" 405 183 (This is after I submit the login form)
>
>
>
> Here is my virtual host config, Location /couchpotato/ being the one of interest:
>
>
> <VirtualHost *:80>
> ServerName myserver.com
> RedirectPermanent / https://myserver.com/
> </VirtualHost>
> <VirtualHost *:443>
> ServerName myserver.com
> SSLEngine On
> SSLProxyEngine On
> RewriteEngine On
> SSLCertificateFile /usr/local/apache2/auth/apache.pem
> DocumentRoot /var/www
> RedirectMatch ^/sickbeard$ /sickbeard/
> RedirectMatch ^/couchpotato$ /couchpotato/
> SetEnv proxy-initial-not-pooled 1
> SetEnv proxy-nokeepalive 1
> SetEnv force-proxy-request-1.0 1
> ProxyPreserveHost On
>
> <Directory />
> Order deny,allow
> Allow from all
> AllowOverride None
> </Directory>
> <Location /rutorrent>
> Order deny,allow
> Allow from all
>
> AuthFormProvider file
> AuthType form
> AuthName "My Login"
> Session On
> SessionCookieName session path=/
> require valid-user
>
> # This is the login page
> ErrorDocument 401 /login.html
>
> # This is the file containing users login data
> AuthUserFile /usr/local/apache2/auth/rutorrent_passwd
> </Location>
> <Location ~ "^/rutorrent/(conf|share)">
> Order deny,allow
> Deny from all
> </Location>
> <Location ~ "/\\.svn">
> Order deny,allow
> Deny from all
> </Location>
> <Location /sickbeard/>
> Order deny,allow
> Allow from all
>
> ProxyPass http://localhost:8081/sickbeard/
> ProxyPassReverse http://localhost:8081/sickbeard/
>
> AuthFormProvider file
> AuthType form
> AuthName "My Login"
> Session On
> SessionCookieName session path=/
> require valid-user
>
> # This is the login page
> ErrorDocument 401 /login.html
>
> # This is the file containing users login data
> AuthUserFile /usr/local/apache2/auth/rutorrent_passwd
> </Location>
> <Location /couchpotato/>
> Order deny,allow
> Allow from all
>
> ProxyPass http://localhost:5050/couchpotato/
> ProxyPassReverse http://localhost:5050/couchpotato/
>
> AuthFormProvider file
> AuthType form
> AuthName "My Login"
> Session On
> SessionCookieName session path=/
> require valid-user
>
> # This is the login page
> ErrorDocument 401 /login.html
>
> # This is the file containing users login data
> AuthUserFile /usr/local/apache2/auth/rutorrent_passwd
> </Location>
> <Location /public>
> Order deny,allow
> Allow from all
> </Location>
> </VirtualHost>
>
>
>
>
> And here is the login page html:
>
>
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
> <html xmlns="http://www.w3.org/1999/xhtml">
>
> <head>
> <meta content="yes" name="apple-mobile-web-app-capable" />
> <meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
> <meta content="minimum-scale=1.0, width=device-width, maximum-scale=0.6667, user-scalable=no" name="viewport" />
> <link href="//myserver.com/css/style.css" rel="stylesheet" media="screen" type="text/css" />
> <script src="//myserver.com/javascript/functions.js" type="text/javascript"></script>
> <title>My Login</title>
> </head>
>
> <body>
>
> <div id="topbar">
> <div id="title">My Login</div>
> </div>
> <div id="content">
> <form method="post" action="">
> <ul class="pageitem">
> <li class="bigfield"><input placeholder="Name" name="httpd_username" type="text" /></li>
> <li class="bigfield"><input placeholder="Password" name="httpd_password" type="password" /></li>
> </ul>
> <ul class="pageitem">
> <li class="button">
> <input name="login" type="submit" value="Login" />
> </li>
> </ul>
> </form>
> </div>
> <div id="footer">
> </div>
>
> </body>
>
> </html>