You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Ajay Garg <aj...@gmail.com> on 2017/04/08 06:23:07 UTC
[users@httpd] Authentication BEFORE proxying
Hi All.
If I setup the following in a virtual-host,
####################################################################################
Listen 9001
<VirtualHost *:9001>
DocumentRoot /var/www/html
<Directory "/var/www/html">
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /home/f5a6b457ba0d416cb4847bb3c4c6e6b6/.htpasswd
Require valid-user
</Directory>
ProxyPass / http://127.0.0.1:9000/
ProxyPassReverse / http://127.0.0.1:9000/
</VirtualHost>
#####################################################################################
and I type http://1.2.3.4:9001 in the browser, I get taken directly to the
proxy-address, without the auth-dialog popping up.
If however, I remove the "ProxyPass" and "ProxyPassReverse" directives, and
I type the same http://1.2.3.4:9001 in the broswer, the auth-dialog pops up
as expected.
Is there a way to first let the auth-dialog pop-up, and only if credentials
are correct, to move to the proxy-address?
Looking forward to some help.
Thanks and Regards,
Ajay
Re: [users@httpd] Authentication BEFORE proxying
Posted by Ajay Garg <aj...@gmail.com>.
Thanks Luca.
Following worked.
I was first asked the credentials, and only when they were correct, was I
redirected to the proxied-url.
############################################################
###############################
Listen 2001
<VirtualHost *:2001>
<Location "/">
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /home/2819163155b64c4c81f8608aa23c9faa/.htpasswd
Require valid-user
ProxyPass http://127.0.0.1:2000/
ProxyPassReverse http://127.0.0.1:2000/
</Location>
</VirtualHost>
############################################################
################################
So, the issue of this email-trail is solved.
Thanks a ton !!!
I would love to have your assistance on the thread
http://mail-archives.apache.org/mod_mbox/httpd-users/201704.mbox/browser,
where I have posted the question in context of the solution provided by you.
Thanks and Regards,
Ajay
On Sat, Apr 8, 2017 at 7:30 PM, Luca Toscano <to...@gmail.com> wrote:
> Hi Ajay,
>
> 2017-04-08 8:23 GMT+02:00 Ajay Garg <aj...@gmail.com>:
>
>> Hi All.
>>
>> If I setup the following in a virtual-host,
>>
>> ############################################################
>> ########################
>> Listen 9001
>> <VirtualHost *:9001>
>> DocumentRoot /var/www/html
>>
>> <Directory "/var/www/html">
>> AuthType Basic
>> AuthName "Restricted Content"
>> AuthUserFile /home/f5a6b457ba0d416cb4847bb3c4c6e6b6/.htpasswd
>> Require valid-user
>> </Directory>
>>
>> ProxyPass / http://127.0.0.1:9000/
>> ProxyPassReverse / http://127.0.0.1:9000/
>>
>> </VirtualHost>
>> ############################################################
>> #########################
>>
>>
>> and I type http://1.2.3.4:9001 in the browser, I get taken directly to
>> the proxy-address, without the auth-dialog popping up.
>>
>> If however, I remove the "ProxyPass" and "ProxyPassReverse" directives,
>> and I type the same http://1.2.3.4:9001 in the broswer, the auth-dialog
>> pops up as expected.
>>
>
> From what I can see in the config you are adding auth directives only to
> the "/var/www/html" Directory context, and the proxying to the Virtual Host
> one.
>
> More info about configuration sections: http://httpd.apache.
> org/docs/current/sections.html
>
>
>> Is there a way to first let the auth-dialog pop-up, and only if
>> credentials are correct, to move to the proxy-address?
>>
>
> I would try with a <Location> block containing ProxyPass/ProxyPassReverse
> and Auth/Require directives.
>
> Hope that helps!
>
> Luca
>
>
--
Regards,
Ajay
Re: [users@httpd] Authentication BEFORE proxying
Posted by Luca Toscano <to...@gmail.com>.
Hi Ajay,
2017-04-08 8:23 GMT+02:00 Ajay Garg <aj...@gmail.com>:
> Hi All.
>
> If I setup the following in a virtual-host,
>
> ############################################################
> ########################
> Listen 9001
> <VirtualHost *:9001>
> DocumentRoot /var/www/html
>
> <Directory "/var/www/html">
> AuthType Basic
> AuthName "Restricted Content"
> AuthUserFile /home/f5a6b457ba0d416cb4847bb3c4c6e6b6/.htpasswd
> Require valid-user
> </Directory>
>
> ProxyPass / http://127.0.0.1:9000/
> ProxyPassReverse / http://127.0.0.1:9000/
>
> </VirtualHost>
> ############################################################
> #########################
>
>
> and I type http://1.2.3.4:9001 in the browser, I get taken directly to
> the proxy-address, without the auth-dialog popping up.
>
> If however, I remove the "ProxyPass" and "ProxyPassReverse" directives,
> and I type the same http://1.2.3.4:9001 in the broswer, the auth-dialog
> pops up as expected.
>
From what I can see in the config you are adding auth directives only to
the "/var/www/html" Directory context, and the proxying to the Virtual Host
one.
More info about configuration sections:
http://httpd.apache.org/docs/current/sections.html
> Is there a way to first let the auth-dialog pop-up, and only if
> credentials are correct, to move to the proxy-address?
>
I would try with a <Location> block containing ProxyPass/ProxyPassReverse
and Auth/Require directives.
Hope that helps!
Luca