You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by david kerns <da...@gmail.com> on 2016/03/31 23:50:43 UTC
[users@httpd] Migrate 2.2 -> 2.4 ProxyPass now by passes authentication
My server used to require authentication before it would proxy to the back
end.
Now it passes through to the back end without authenticating. What am I
missing?
I also found that I needed to move the ProxyPass to conf.d/ssl.conf or it
would proxy to the back end
even before the permanent redirect of http: -> https:
Everything under /protected requires authentication correctly, but /trac
(which should also require authentication) goes right in
<Directory />
AllowOveride none
Require all denied
</Directory>
<Directory "/var/www/html/protected">
Authtype Basic
AuthName "Authentication Required"
AuthUserFile "path/to/file"
AuthGroupFile "/path/to/group"
Require group protected
</Directory>
<Directory "/var/www/html/trac">
Authtype Basic
AuthName "Authentication Required"
AuthUserFile "path/to/file"
AuthGroupFile "/path/to/group"
Require group trac
</Directory>
<VirtualHost *:80>
Servername myserver.mydomain
DocumentRoot /var/www/hml
Redirect permanent / https://myserver.mydomain/
</VirtualHost>
(moved to conf.d/ssl.conf)
ProxyPass /trac http://localhost:8000/trac
ProxyPassReverse /trac http://localhost:8000/trac
Re: [users@httpd] Migrate 2.2 -> 2.4 ProxyPass now by passes authentication
Posted by david kerns <da...@gmail.com>.
On Thu, Mar 31, 2016 at 4:11 PM, Eric Covener <co...@gmail.com> wrote:
> On Thu, Mar 31, 2016 at 5:50 PM, david kerns <da...@gmail.com>
> wrote:
> > Everything under /protected requires authentication correctly, but /trac
> > (which should also require authentication) goes right in
>
> If you proxy /trac, the filesystem path /var/www/html/trac is never
> used, so that <Directory> section does not apply.
>
> You probably want to configure that access control in <Location /trac>
>
> --
> Eric Covener
> covener@gmail.com
>
>
works! thank you!
Re: [users@httpd] Migrate 2.2 -> 2.4 ProxyPass now by passes authentication
Posted by Eric Covener <co...@gmail.com>.
On Thu, Mar 31, 2016 at 5:50 PM, david kerns <da...@gmail.com> wrote:
> Everything under /protected requires authentication correctly, but /trac
> (which should also require authentication) goes right in
If you proxy /trac, the filesystem path /var/www/html/trac is never
used, so that <Directory> section does not apply.
You probably want to configure that access control in <Location /trac>
--
Eric Covener
covener@gmail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org