You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by david kerns <da...@gmail.com> on 2016/03/31 23:50:43 UTC

[users@httpd] Migrate 2.2 -> 2.4 ProxyPass now by passes authentication

My server used to require authentication before it would proxy to the back
end.
Now it passes through to the back end without authenticating. What am I
missing?

I also found that I needed to move the ProxyPass to conf.d/ssl.conf or it
would proxy to the back end
even before the permanent redirect of http: -> https:

Everything under /protected requires authentication correctly, but /trac
(which should also require authentication) goes right in

<Directory />
  AllowOveride none
  Require all denied
</Directory>

<Directory "/var/www/html/protected">
  Authtype Basic
  AuthName "Authentication Required"
  AuthUserFile "path/to/file"
  AuthGroupFile "/path/to/group"
  Require group protected
</Directory>

<Directory "/var/www/html/trac">
  Authtype Basic
  AuthName "Authentication Required"
  AuthUserFile "path/to/file"
  AuthGroupFile "/path/to/group"
  Require group trac
</Directory>

<VirtualHost *:80>
  Servername myserver.mydomain
  DocumentRoot /var/www/hml
  Redirect permanent / https://myserver.mydomain/
</VirtualHost>

(moved to conf.d/ssl.conf)

ProxyPass /trac http://localhost:8000/trac
ProxyPassReverse /trac http://localhost:8000/trac

Re: [users@httpd] Migrate 2.2 -> 2.4 ProxyPass now by passes authentication

Posted by david kerns <da...@gmail.com>.

On Thu, Mar 31, 2016 at 4:11 PM, Eric Covener <co...@gmail.com> wrote:

> On Thu, Mar 31, 2016 at 5:50 PM, david kerns <da...@gmail.com>
> wrote:
> > Everything under /protected requires authentication correctly, but /trac
> > (which should also require authentication) goes right in
>
> If you proxy /trac, the filesystem path /var/www/html/trac is never
> used, so that <Directory> section does not apply.
>
> You probably want to configure that access control in <Location /trac>
>
> --
> Eric Covener
> covener@gmail.com
>
>
works! thank you!

Re: [users@httpd] Migrate 2.2 -> 2.4 ProxyPass now by passes authentication

Posted by Eric Covener <co...@gmail.com>.

On Thu, Mar 31, 2016 at 5:50 PM, david kerns <da...@gmail.com> wrote:
> Everything under /protected requires authentication correctly, but /trac
> (which should also require authentication) goes right in


If you proxy /trac, the filesystem path /var/www/html/trac is never
used, so that <Directory> section does not apply.

You probably want to configure that access control in <Location /trac>



-- 
Eric Covener
covener@gmail.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org