You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by rr...@fscinternet.com on 2002/09/19 23:52:08 UTC
WWW-Authenticate header lost when reverse-proxying
(Correction to previous posting: This error *only* occurs with
`ProxyErrorOverride On'.)
When operating as a reverse proxy, with `ProxyErrorOverride On',
mod_proxy incorrectly fails to pass through the WWW-Authenticate
response header on 401 responses.
It seems the problem is that ap_send_error_response() clears
r->headers_out, while ap_proxy_http_process_response() does not copy
the WWW-Authenticate header into r->err_headers_out.
A patch which fixes this follows. Note that this has NOT received
extensive testing.
*** modules/proxy/proxy_http.c.orig Thu Sep 19 14:47:51 2002
--- modules/proxy/proxy_http.c Thu Sep 19 17:38:36 2002
***************
*** 863,868 ****
--- 863,879 ----
}
}
+ if ((r->status == 401) && (conf->error_override != 0)) {
+ const char *buf;
+ const char *wa = "WWW-Authenticate";
+ if (buf = apr_table_get(r->headers_out, wa)) {
+ apr_table_set(r->err_headers_out, wa, buf);
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
+ "proxy: origin server sent 401 without w-a
header");
+ }
+ }
+
r->sent_bodyct = 1;
/* Is it an HTTP/0.9 response? If so, send the extra data */
if (backasswards) {
***************
*** 969,974 ****
--- 980,986 ----
*/
int status = r->status;
r->status = HTTP_OK;
+ ap_discard_request_body(rp);
return status;
}
} else