You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Yungwei Chen <yu...@resolvity.com> on 2009/11/13 18:37:02 UTC
[users@httpd] RE: Authenticate each user once for multiple applications
I just found that using the same value of AuthName for each application seems to solve my problem. Is it the right way to go?
From: Yungwei Chen [mailto:yungwei@resolvity.com]
Sent: Friday, November 13, 2009 10:00 AM
To: users@httpd.apache.org
Subject: [users@httpd] Authenticate each user once for multiple applications
Hi,
I have a reverse proxy server that forwards to requests to an internal apache server. Here's the configuration on how the reverse proxy server works.
<Location /rpt >
Order Deny,Allow
Deny from all
Allow from ...
ProxyPass https://111.111.111.111/rpt
ProxyPassReverse https://111.111.111.111/rpt
ProxyPassReverseCookieDomain 111.111.111.111 100.100.100.100
AuthName "Restricted Access"
AuthType Basic
AuthUserFile /etc/httpd/passwd/htpasswd.users
Require valid-user
</Location>
Then I added the following to the same conf file on the reverse proxy server for another application.
I first accessed the rpt application in a web browser, and then I was asked to enter id and password as expected.
Then I hit rpt2 in the same browser session, and then I was asked to enter id and password again.
My question is: How can I tell the reverse proxy server to authenticate each user just once in this case?
<Location /rpt2 >
Order Deny,Allow
Deny from all
Allow from ...
ProxyPass https://111.111.111.111/rpt2
ProxyPassReverse https://111.111.111.111/rpt2
ProxyPassReverseCookieDomain 111.111.111.111 100.100.100.100
AuthName "Restricted Access"
AuthType Basic
AuthUserFile /etc/httpd/passwd/htpasswd.users
Require valid-user
</Location>
Thanks.