You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Ajay Garg <aj...@gmail.com> on 2017/04/08 06:23:07 UTC

[users@httpd] Authentication BEFORE proxying

Hi All.

If I setup the following in a virtual-host,

####################################################################################
Listen 9001
<VirtualHost *:9001>
        DocumentRoot /var/www/html

        <Directory "/var/www/html">
            AuthType Basic
            AuthName "Restricted Content"
            AuthUserFile /home/f5a6b457ba0d416cb4847bb3c4c6e6b6/.htpasswd
            Require valid-user
        </Directory>

        ProxyPass / http://127.0.0.1:9000/
        ProxyPassReverse / http://127.0.0.1:9000/

</VirtualHost>
#####################################################################################


and I type http://1.2.3.4:9001 in the browser, I get taken directly to the
proxy-address, without the auth-dialog popping up.

If however, I remove the "ProxyPass" and "ProxyPassReverse" directives, and
I type the same http://1.2.3.4:9001 in the broswer, the auth-dialog pops up
as expected.


Is there a way to first let the auth-dialog pop-up, and only if credentials
are correct, to move to the proxy-address?

Looking forward to some help.


Thanks and Regards,
Ajay

Re: [users@httpd] Authentication BEFORE proxying

Posted by Ajay Garg <aj...@gmail.com>.

Thanks Luca.

Following worked.
I was first asked the credentials, and only when they were correct, was I
redirected to the proxied-url.


############################################################
###############################
Listen 2001
<VirtualHost *:2001>

        <Location "/">
            AuthType Basic
            AuthName "Restricted Content"
            AuthUserFile /home/2819163155b64c4c81f8608aa23c9faa/.htpasswd
            Require valid-user

            ProxyPass http://127.0.0.1:2000/
            ProxyPassReverse http://127.0.0.1:2000/
        </Location>

</VirtualHost>
############################################################
################################


So, the issue of this email-trail is solved.
Thanks a ton !!!


I would love to have your assistance on the thread
http://mail-archives.apache.org/mod_mbox/httpd-users/201704.mbox/browser,
where I have posted the question in context of the solution provided by you.


Thanks and Regards,
Ajay


On Sat, Apr 8, 2017 at 7:30 PM, Luca Toscano <to...@gmail.com> wrote:

> Hi Ajay,
>
> 2017-04-08 8:23 GMT+02:00 Ajay Garg <aj...@gmail.com>:
>
>> Hi All.
>>
>> If I setup the following in a virtual-host,
>>
>> ############################################################
>> ########################
>> Listen 9001
>> <VirtualHost *:9001>
>>         DocumentRoot /var/www/html
>>
>>         <Directory "/var/www/html">
>>             AuthType Basic
>>             AuthName "Restricted Content"
>>             AuthUserFile /home/f5a6b457ba0d416cb4847bb3c4c6e6b6/.htpasswd
>>             Require valid-user
>>         </Directory>
>>
>>         ProxyPass / http://127.0.0.1:9000/
>>         ProxyPassReverse / http://127.0.0.1:9000/
>>
>> </VirtualHost>
>> ############################################################
>> #########################
>>
>>
>> and I type http://1.2.3.4:9001 in the browser, I get taken directly to
>> the proxy-address, without the auth-dialog popping up.
>>
>> If however, I remove the "ProxyPass" and "ProxyPassReverse" directives,
>> and I type the same http://1.2.3.4:9001 in the broswer, the auth-dialog
>> pops up as expected.
>>
>
> From what I can see in the config you are adding auth directives only to
> the "/var/www/html" Directory context, and the proxying to the Virtual Host
> one.
>
> More info about configuration sections: http://httpd.apache.
> org/docs/current/sections.html
>
>
>> Is there a way to first let the auth-dialog pop-up, and only if
>> credentials are correct, to move to the proxy-address?
>>
>
> I would try with a <Location> block containing ProxyPass/ProxyPassReverse
> and Auth/Require directives.
>
> Hope that helps!
>
> Luca
>
>


-- 
Regards,
Ajay

Re: [users@httpd] Authentication BEFORE proxying

Posted by Luca Toscano <to...@gmail.com>.

Hi Ajay,

2017-04-08 8:23 GMT+02:00 Ajay Garg <aj...@gmail.com>:

> Hi All.
>
> If I setup the following in a virtual-host,
>
> ############################################################
> ########################
> Listen 9001
> <VirtualHost *:9001>
>         DocumentRoot /var/www/html
>
>         <Directory "/var/www/html">
>             AuthType Basic
>             AuthName "Restricted Content"
>             AuthUserFile /home/f5a6b457ba0d416cb4847bb3c4c6e6b6/.htpasswd
>             Require valid-user
>         </Directory>
>
>         ProxyPass / http://127.0.0.1:9000/
>         ProxyPassReverse / http://127.0.0.1:9000/
>
> </VirtualHost>
> ############################################################
> #########################
>
>
> and I type http://1.2.3.4:9001 in the browser, I get taken directly to
> the proxy-address, without the auth-dialog popping up.
>
> If however, I remove the "ProxyPass" and "ProxyPassReverse" directives,
> and I type the same http://1.2.3.4:9001 in the broswer, the auth-dialog
> pops up as expected.
>

From what I can see in the config you are adding auth directives only to
the "/var/www/html" Directory context, and the proxying to the Virtual Host
one.

More info about configuration sections:
http://httpd.apache.org/docs/current/sections.html


> Is there a way to first let the auth-dialog pop-up, and only if
> credentials are correct, to move to the proxy-address?
>

I would try with a <Location> block containing ProxyPass/ProxyPassReverse
and Auth/Require directives.

Hope that helps!

Luca