Authenticated reverse proxy to authenticated back end servers

["Neulinger, Nathan" <nn...@umr.edu>]

I've got a situation where I need to reverse proxy a set of back end web
servers, but which web server I proxy to depends on the user that is coming
in. 

So, assume I have servers "proxy1", "back1", and "back2". I want to have the
user access:

http://proxy1.umr.edu

they should be prompted to authenticate. Then, depending on what userid is
provided, I want to connect to back1 or back2 and proxy the request. The key
though is that the authentication information provided needs to be passed to
back1/back2 as well. 

It seems like bits and pieces of this can be done with mod_proxy and
mod_rewrite based on what I've read, but I'm really unsure about the nested
authentication part. Will that work properly? (The back-end servers are
authenticating against the same auth-service as the proxy1 server, so that
shouldn't be an issue.)

It looks like I can configure two separate ProxyPass lines, mapping
something like /proxy-back1 to back1 and /proxy-back2 to back2, and then
using rewrite rules to map / to /proxy-back[12] depending on the userid, but
what about the authentication. Can I just put a Location / auth block? And
will that auth data then be passed along to the back end server?

I'm hoping I can get back1/back2 to not be user specific, but at the moment,
they are, so I need to work around that. 

-- Nathan

------------------------------------------------------------
Nathan Neulinger                       EMail:  nneul@umr.edu
University of Missouri - Rolla         Phone: (573) 341-4841
Computing Services                       Fax: (573) 341-4216

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org