You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Petr Hracek <ph...@gmail.com> on 2010/06/10 10:32:07 UTC
Authentication of proxy over own module
Hello apache users,
I would like to explain my problem.
I have developed the module which is used for authorization to web pages.
It works fine without problem but I would like to use that module for
authorization
of "proxy" requests as well.
Proxy requests are not defined in settings of browser (in Firefox
Tools->Options->LAN settings -> Manual configuration of proxy).
In apache conf. file I have following:
<VirtualHost _default_:443>
SSLEngine on
SSLProxyEngine on
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]
RewriteMap foo txt:/opt/apache/conf/foo.map
RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P]
RewriteRule ^/PAC/(.*) http://192.168.0.23:8080/PACAdmin/$1 [P]
RewriteRule ^/([^/]+)$ ${foo:$1|/$1} [L]
RewriteRule ^/([^/]+)/(.*) ${foo:$1|/opt/apache/htdocs/ssldocs/$1}/$2
[L]
<IfModule mod_authz_host.c>
<Directory />
Options +Indexes +Multiviews
AuthType FOOM
require valid-user
satisfy Any
</Directory>
</IfModule>
<Location "/PAC/">
ProxyPass http://192.168.0.23:8080/PACAdmin
ProxyPassReverse http://192.168.0.23:8080/PACAdmin
ProxyPassReverseCookie /PACAdmin /PAC
Order Allow,deny
Allow from all
</Location>
How I can used own module for authorization location /PAC/?
When user will enter URL http://192.168.0.23:8080/PAC
then firstly my own module will authorized that page and afterwards location
/PAC will be shown.
Is it possible to do it somehow?
Thanks for your help.
--
Best Regards / S pozdravem
Petr Hracek
Re: [users@httpd] Authentication of proxy over own module
Posted by Eric Covener <co...@gmail.com>.
On Thu, Jun 10, 2010 at 4:32 AM, Petr Hracek <ph...@gmail.com> wrote:
> It works fine without problem but I would like to use that module for
> authorization
> of "proxy" requests as well.
> Proxy requests are not defined in settings of browser (in Firefox
> Tools->Options->LAN settings -> Manual configuration of proxy).
> <Directory />
> Options +Indexes +Multiviews
> AuthType FOOM
Don't constrain your directives to stuff under <Directory /> if you
want them to apply to proxy requests. These are never mapped to a
directory.
http://httpd.apache.org/docs/2.2/sections.html
--
Eric Covener
covener@gmail.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: Authentication of proxy over own module
Posted by Petr Hracek <ph...@gmail.com>.
Sorry my wrong explanation. I have ment the when the request is
authorized/authenticated by my module how the request should be sent to the
"proxy" IP address define in apache module:
RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P]
RewriteRule ^/PAC/(.*) http://192.168.0.23:8080/PACAdmin/$1 [P]
RewriteRule ^/([^/]+)$ ${foo:$1|/$1} [L]
RewriteRule ^/([^/]+)/(.*) ${foo:$1|/opt/apache/htdocs/ssldocs/$1}/$2
[L]
<Location "/PAC/">
ProxyPass http://192.168.0.23:8080/PACAdmin
ProxyPassReverse http://192.168.0.23:8080/PACAdmin
ProxyPassReverseCookie /PACAdmin /PAC
Order Allow,deny
Allow from all
</Location>
Best regards
hm, redirect itsn't proxing , as i understood ;) redirect it's wen you
>> communicate client and target server directly and no proxing anymore.
>> in case todo proxy in your module there should be server and client
>> parts, I've not seen your module, maybe it's under NDA, and so on...
>> but you can have a look at scgi module there client in apache api, but
>> it working in another way. there...
>> static apr_status_t
>> open_socket(apr_socket_t **sock, request_rec *r)
>> {
>> //snip
>> and
>> rv = apr_socket_connect(*sock, sockaddr);
>> if (rv) {
>> //snip
>>
>> On 15 June 2010 20:49, Petr Hracek <ph...@gmail.com> wrote:
>> > That's a good sentence.
>> > You mention:
>> >>> if you did auth in your own module there should be accepted stream and
>> >>> when it passed auth you must sent it through own module to target
>> server.
>> >
>> > May be this is a my problem. When the request is
>> authorized/authenticated by
>> > my module how and where I have to sent to the target server.
>> > How can I do it? Redirect?
>> >
>> > Thank you in advance
>> > Petr
>> >
>> >
>> > 2010/6/15 basteon <ba...@gmail.com>
>> >>
>> >> no, about sniffing i meant sniff traffic on the network interface.
>> >> I don't know how catch up ReverseProxy requests, but if you did auth
>> >> in your own module there should be accepted stream and when it passed
>> >> auth you must sent it through own module to target server. or it
>> >> should working as proxy you must thinking about sessions
>> >> accepted\passed auth, then init auth from own module to target server.
>> >>
>> >> but, why you did it at all? what's purposes on it double auth?
>> >>
>> >> On 15/06/2010, Petr Hracek <ph...@gmail.com> wrote:
>> >> > But I am using ReverseProxy as well, right?
>> >> > I mean in my own module to sniff traffic when the request is
>> >> > ReverseProxy
>> >> > and them going to the target?
>> >> > How I can catch that request is Reverse Proxy (not defined in Browser
>> >> > settings)?
>> >> > Is that any handler for that case and where should I try to catch the
>> >> > request?
>> >> > In post_read_request?
>> >> > Could you please let me more detailly what do you think?
>> >> >
>> >> > best regards.
>> >> > Petr
>> >> >
>> >> > 2010/6/14 basteon <ba...@gmail.com>
>> >> >
>> >> >> I uses reverce proxy, but you can try sniff traffic between proxy
>> and
>> >> >> target
>> >> >>
>> >> >> On 14 June 2010 13:52, Petr Hracek <ph...@gmail.com> wrote:
>> >> >> > If you mean that RewriteRule should be like that:
>> >> >> >
>> >> >> > RewriteMap foo txt:/opt/apache/conf/foo.map
>> >> >> > RewriteRule ^/([^/]+)$ ${foo:$1|/$1} [L]
>> >> >> > RewriteRule ^/([^/]+)/(.*) ${foo:$1|/opt/apache/htdocs/
>> >> >> > ssldocs/$1}/$2 [L]
>> >> >> > RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P]
>> >> >> > RewriteRule ^/PAC/(.*) http://192.168.0.23:8080/PACAdmin/$1 [P]
>> >> >> >
>> >> >> > Unfortuantelly in this case I see /opt/PAC/htdocs error was not
>> found
>> >> >> > but this is true because of main index is on the machine
>> >> >> 192.168.0.23:8080.
>> >> >> >
>> >> >> > Therefore I am receiving HTTP error 404.
>> >> >> >
>> >> >> > Or shall I do?
>> >> >> > <IfModule mod_authz_host.c>
>> >> >> > <Location "/PAC/">
>> >> >> > ProxyPass http://192.168.0.23:8080/PACAdmin
>> >> >> > ProxyPassReverse http://192.168.0.23:8080/PACAdmin
>> >> >> > ProxyPassReverseCookie /PACAdmin /PAC
>> >> >> > AuthType FOOM
>> >> >> > require valid-user
>> >> >> > satisfy Any
>> >> >> > </Location>
>> >> >> > </IfModule>
>> >> >> >
>> >> >> > Thank you in advance
>> >> >> >
>> >> >> > Petr
>> >> >> >
>> >> >> >
>> >> >> > 2010/6/14 basteon <ba...@gmail.com>
>> >> >> >>
>> >> >> >> hm, looks like if there double auth, therefore you should put
>> client
>> >> >> >> account trough your module instead of just redirect these client.
>> >> >> >>
>> >> >> >> On 14 June 2010 11:36, Petr Hracek <ph...@gmail.com> wrote:
>> >> >> >> > Yes this is done simillary in my own module but I have an
>> problem.
>> >> >> >> > When the URL is authorized (successfully) then URL
>> >> >> >> > http://192.168.0.23:8080/PAC is shown as 404 Unknown.
>> >> >> >> > Unfortuntatelly I could not find any reason why it is not found
>> >> >> because
>> >> >> >> > of
>> >> >> >> > URL is a Proxy?
>> >> >> >> > See my apache2 configuration file
>> >> >> >> >
>> >> >> >> > Eric mentioned:
>> >> >> >> >
>> >> >> >> >>>Don't constrain your directives to stuff under <Directory />
>> if
>> >> >> >> >>> you
>> >> >> >> > want them to apply to proxy requests. These are never mapped to
>> a
>> >> >> >> > directory.
>> >> >> >> >
>> >> >> >> > But Unfortunatelly I do not understand what shall I do. How
>> shall
>> >> >> >> > I
>> >> >> >> > defined
>> >> >> >> > my directives.
>> >> >> >> > Any help?
>> >> >> >> >
>> >> >> >> >
>> >> >> >> >
>> >> >> >> > 2010/6/14 basteon <ba...@gmail.com>
>> >> >> >> >>
>> >> >> >> >> I guess that you can found reply in man 3 pam and do pam auth
>> in
>> >> >> >> >> own
>> >> >> >> >> module if that necessary.
>> >> >> >> >>
>> >> >> >> >> On 14 June 2010 18:05, Petr Hracek <ph...@gmail.com>
>> wrote:
>> >> >> >> >> > Hello *,
>> >> >> >> >> >
>> >> >> >> >> > On the target host is done some authorization but I would
>> like
>> >> >> >> >> > to
>> >> >> add
>> >> >> >> >> > second
>> >> >> >> >> > authorization from my own module.
>> >> >> >> >> >
>> >> >> >> >> > Unfortunatelly I have found that
>> >> >> >> >> > mod_auth_pam is not supported and/or developed any longer.
>> >> >> >> >> >
>> >> >> >> >> > if there any other module which is supported?
>> >> >> >> >> >
>> >> >> >> >> > thank you in advance
>> >> >> >> >> > Petr
>> >> >> >> >> >
>> >> >> >> >> > 2010/6/12 basteon <ba...@gmail.com>
>> >> >> >> >> >>
>> >> >> >> >> >> hi, I guess that you can authorize it in PAM by yourself in
>> >> >> >> >> >> own
>> >> >> >> >> >> module
>> >> >> >> >> >> or uses http-basic auth ready module on the target host or
>> >> >> >> >> >> proxy.
>> >> >> >> >> >>
>> >> >> >> >> >> On 10/06/2010, Petr Hracek <ph...@gmail.com> wrote:
>> >> >> >> >> >> > Hello apache users,
>> >> >> >> >> >> >
>> >> >> >> >> >> > I would like to explain my problem.
>> >> >> >> >> >> > I have developed the module which is used for
>> authorization
>> >> >> >> >> >> > to
>> >> >> web
>> >> >> >> >> >> > pages.
>> >> >> >> >> >> > It works fine without problem but I would like to use
>> that
>> >> >> module
>> >> >> >> >> >> > for
>> >> >> >> >> >> > authorization
>> >> >> >> >> >> > of "proxy" requests as well.
>> >> >> >> >> >> > Proxy requests are not defined in settings of browser (in
>> >> >> Firefox
>> >> >> >> >> >> > Tools->Options->LAN settings -> Manual configuration of
>> >> >> >> >> >> > proxy).
>> >> >> >> >> >> >
>> >> >> >> >> >> > In apache conf. file I have following:
>> >> >> >> >> >> >
>> >> >> >> >> >> > <VirtualHost _default_:443>
>> >> >> >> >> >> >
>> >> >> >> >> >> > SSLEngine on
>> >> >> >> >> >> > SSLProxyEngine on
>> >> >> >> >> >> >
>> >> >> >> >> >> > RewriteEngine on
>> >> >> >> >> >> > RewriteCond %{REQUEST_METHOD} ^TRACE
>> >> >> >> >> >> > RewriteRule .* - [F]
>> >> >> >> >> >> > RewriteMap foo txt:/opt/apache/conf/foo.map
>> >> >> >> >> >> > RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P]
>> >> >> >> >> >> > RewriteRule ^/PAC/(.*)
>> http://192.168.0.23:8080/PACAdmin/$1
>> >> >> >> >> >> > [P]
>> >> >> >> >> >> > RewriteRule ^/([^/]+)$ ${foo:$1|/$1} [L]
>> >> >> >> >> >> > RewriteRule ^/([^/]+)/(.*)
>> >> >> >> >> >> > ${foo:$1|/opt/apache/htdocs/ssldocs/$1}/$2
>> >> >> >> >> >> > [L]
>> >> >> >> >> >> >
>> >> >> >> >> >> > <IfModule mod_authz_host.c>
>> >> >> >> >> >> > <Directory />
>> >> >> >> >> >> > Options +Indexes +Multiviews
>> >> >> >> >> >> > AuthType FOOM
>> >> >> >> >> >> > require valid-user
>> >> >> >> >> >> > satisfy Any
>> >> >> >> >> >> > </Directory>
>> >> >> >> >> >> > </IfModule>
>> >> >> >> >> >> >
>> >> >> >> >> >> > <Location "/PAC/">
>> >> >> >> >> >> > ProxyPass http://192.168.0.23:8080/PACAdmin
>> >> >> >> >> >> > ProxyPassReverse http://192.168.0.23:8080/PACAdmin
>> >> >> >> >> >> > ProxyPassReverseCookie /PACAdmin /PAC
>> >> >> >> >> >> > Order Allow,deny
>> >> >> >> >> >> > Allow from all
>> >> >> >> >> >> > </Location>
>> >> >> >> >> >> >
>> >> >> >> >> >> > How I can used own module for authorization location
>> /PAC/?
>> >> >> >> >> >> > When user will enter URL http://192.168.0.23:8080/PAC
>> >> >> >> >> >> > then firstly my own module will authorized that page and
>> >> >> >> >> >> > afterwards
>> >> >> >> >> >> > location
>> >> >> >> >> >> > /PAC will be shown.
>> >> >> >> >> >> > Is it possible to do it somehow?
>> >> >> >> >> >> >
>> >> >> >> >> >> > Thanks for your help.
>> >> >> >> >> >> > --
>> >> >> >> >> >> > Best Regards / S pozdravem
>> >> >> >> >> >> > Petr Hracek
>> >> >> >> >> >> >
>> >> >> >> >> >
>> >> >> >> >> >
>> >> >> >> >> >
>> >> >> >> >> > --
>> >> >> >> >> > Best Regards / S pozdravem
>> >> >> >> >> > Petr Hracek
>> >> >> >> >> >
>> >> >> >> >
>> >> >> >> >
>> >> >> >> >
>> >> >> >> > --
>> >> >> >> > Best Regards / S pozdravem
>> >> >> >> > Petr Hracek
>> >> >> >> >
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> > --
>> >> >> > Best Regards / S pozdravem
>> >> >> > Petr Hracek
>> >> >> >
>> >> >>
>> >> >
>> >> >
>> >> >
>> >> > --
>> >> > Best Regards / S pozdravem
>> >> > Petr Hracek
>> >> >
>> >
>> >
>> >
>> > --
>> > Best Regards / S pozdravem
>> > Petr Hracek
>> >
>>
>
>
>
> --
> Best Regards / S pozdravem
> Petr Hracek
>
2010/6/15 basteon <ba...@gmail.com>
--
Best Regards / S pozdravem
Petr Hracek
Re: Authentication of proxy over own module
Posted by Petr Hracek <ph...@gmail.com>.
Sorry I have posted to the wrong conference.
Add the end of this mail youc can find where I have a problem?
2010/6/17 Pid <pi...@pidster.com>
> On 16/06/2010 10:08, Petr Hracek wrote:
> > Sorry my wrong explanation. I have ment the when the request is
> > authorized/authenticated by my module how the request should be sent to
> the
> > "proxy" IP address define in apache module:
> >
> > RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P]
> > RewriteRule ^/PAC/(.*) http://192.168.0.23:8080/PACAdmin/$1 [P]
> > RewriteRule ^/([^/]+)$ ${foo:$1|/$1} [L]
> > RewriteRule ^/([^/]+)/(.*) ${foo:$1|/opt/apache/htdocs/ssldocs/$1}/$2
> > [L]
> >
> > <Location "/PAC/">
> > ProxyPass http://192.168.0.23:8080/PACAdmin
> > ProxyPassReverse http://192.168.0.23:8080/PACAdmin
> > ProxyPassReverseCookie /PACAdmin /PAC
> > Order Allow,deny
> > Allow from all
> > </Location>
>
>
> Can you explain again what it is you're trying to achieve, please?
>
>
> p
>
>
>
> > Best regards
> > Petr
> >
> > 2010/6/15 basteon <ba...@gmail.com>
> >
> >> hm, redirect itsn't proxing , as i understood ;) redirect it's wen you
> >> communicate client and target server directly and no proxing anymore.
> >> in case todo proxy in your module there should be server and client
> >> parts, I've not seen your module, maybe it's under NDA, and so on...
> >> but you can have a look at scgi module there client in apache api, but
> >> it working in another way. there...
> >> static apr_status_t
> >> open_socket(apr_socket_t **sock, request_rec *r)
> >> {
> >> //snip
> >> and
> >> rv = apr_socket_connect(*sock, sockaddr);
> >> if (rv) {
> >> //snip
> >>
> >> On 15 June 2010 20:49, Petr Hracek <ph...@gmail.com> wrote:
> >>> That's a good sentence.
> >>> You mention:
> >>>>> if you did auth in your own module there should be accepted stream
> and
> >>>>> when it passed auth you must sent it through own module to target
> >> server.
> >>>
> >>> May be this is a my problem. When the request is
> authorized/authenticated
> >> by
> >>> my module how and where I have to sent to the target server.
> >>> How can I do it? Redirect?
> >>>
> >>> Thank you in advance
> >>> Petr
> >>>
> >>>
> >>> 2010/6/15 basteon <ba...@gmail.com>
> >>>>
> >>>> no, about sniffing i meant sniff traffic on the network interface.
> >>>> I don't know how catch up ReverseProxy requests, but if you did auth
> >>>> in your own module there should be accepted stream and when it passed
> >>>> auth you must sent it through own module to target server. or it
> >>>> should working as proxy you must thinking about sessions
> >>>> accepted\passed auth, then init auth from own module to target server.
> >>>>
> >>>> but, why you did it at all? what's purposes on it double auth?
> >>>>
> >>>> On 15/06/2010, Petr Hracek <ph...@gmail.com> wrote:
> >>>>> But I am using ReverseProxy as well, right?
> >>>>> I mean in my own module to sniff traffic when the request is
> >>>>> ReverseProxy
> >>>>> and them going to the target?
> >>>>> How I can catch that request is Reverse Proxy (not defined in Browser
> >>>>> settings)?
> >>>>> Is that any handler for that case and where should I try to catch the
> >>>>> request?
> >>>>> In post_read_request?
> >>>>> Could you please let me more detailly what do you think?
> >>>>>
> >>>>> best regards.
> >>>>> Petr
> >>>>>
> >>>>> 2010/6/14 basteon <ba...@gmail.com>
> >>>>>
> >>>>>> I uses reverce proxy, but you can try sniff traffic between proxy
> and
> >>>>>> target
> >>>>>>
> >>>>>> On 14 June 2010 13:52, Petr Hracek <ph...@gmail.com> wrote:
> >>>>>>> If you mean that RewriteRule should be like that:
> >>>>>>>
> >>>>>>> RewriteMap foo txt:/opt/apache/conf/foo.map
> >>>>>>> RewriteRule ^/([^/]+)$ ${foo:$1|/$1} [L]
> >>>>>>> RewriteRule ^/([^/]+)/(.*) ${foo:$1|/opt/apache/htdocs/
> >>>>>>> ssldocs/$1}/$2 [L]
> >>>>>>> RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P]
> >>>>>>> RewriteRule ^/PAC/(.*) http://192.168.0.23:8080/PACAdmin/$1 [P]
> >>>>>>>
> >>>>>>> Unfortuantelly in this case I see /opt/PAC/htdocs error was not
> >> found
> >>>>>>> but this is true because of main index is on the machine
> >>>>>> 192.168.0.23:8080.
> >>>>>>>
> >>>>>>> Therefore I am receiving HTTP error 404.
> >>>>>>>
> >>>>>>> Or shall I do?
> >>>>>>> <IfModule mod_authz_host.c>
> >>>>>>> <Location "/PAC/">
> >>>>>>> ProxyPass http://192.168.0.23:8080/PACAdmin
> >>>>>>> ProxyPassReverse http://192.168.0.23:8080/PACAdmin
> >>>>>>> ProxyPassReverseCookie /PACAdmin /PAC
> >>>>>>> AuthType FOOM
> >>>>>>> require valid-user
> >>>>>>> satisfy Any
> >>>>>>> </Location>
> >>>>>>> </IfModule>
> >>>>>>>
> >>>>>>> Thank you in advance
> >>>>>>>
> >>>>>>> Petr
> >>>>>>>
> >>>>>>>
> >>>>>>> 2010/6/14 basteon <ba...@gmail.com>
> >>>>>>>>
> >>>>>>>> hm, looks like if there double auth, therefore you should put
> >> client
> >>>>>>>> account trough your module instead of just redirect these client.
> >>>>>>>>
> >>>>>>>> On 14 June 2010 11:36, Petr Hracek <ph...@gmail.com> wrote:
> >>>>>>>>> Yes this is done simillary in my own module but I have an
> >> problem.
> >>>>>>>>> When the URL is authorized (successfully) then URL
> >>>>>>>>> http://192.168.0.23:8080/PAC is shown as 404 Unknown.
> >>>>>>>>> Unfortuntatelly I could not find any reason why it is not found
> >>>>>> because
> >>>>>>>>> of
> >>>>>>>>> URL is a Proxy?
> >>>>>>>>> See my apache2 configuration file
> >>>>>>>>>
> >>>>>>>>> Eric mentioned:
> >>>>>>>>>
> >>>>>>>>>>> Don't constrain your directives to stuff under <Directory /> if
> >>>>>>>>>>> you
> >>>>>>>>> want them to apply to proxy requests. These are never mapped to
> >> a
> >>>>>>>>> directory.
> >>>>>>>>>
> >>>>>>>>> But Unfortunatelly I do not understand what shall I do. How
> >> shall
> >>>>>>>>> I
> >>>>>>>>> defined
> >>>>>>>>> my directives.
> >>>>>>>>> Any help?
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> 2010/6/14 basteon <ba...@gmail.com>
> >>>>>>>>>>
> >>>>>>>>>> I guess that you can found reply in man 3 pam and do pam auth
> >> in
> >>>>>>>>>> own
> >>>>>>>>>> module if that necessary.
> >>>>>>>>>>
> >>>>>>>>>> On 14 June 2010 18:05, Petr Hracek <ph...@gmail.com> wrote:
> >>>>>>>>>>> Hello *,
> >>>>>>>>>>>
> >>>>>>>>>>> On the target host is done some authorization but I would
> >> like
> >>>>>>>>>>> to
> >>>>>> add
> >>>>>>>>>>> second
> >>>>>>>>>>> authorization from my own module.
> >>>>>>>>>>>
> >>>>>>>>>>> Unfortunatelly I have found that
> >>>>>>>>>>> mod_auth_pam is not supported and/or developed any longer.
> >>>>>>>>>>>
> >>>>>>>>>>> if there any other module which is supported?
> >>>>>>>>>>>
> >>>>>>>>>>> thank you in advance
> >>>>>>>>>>> Petr
> >>>>>>>>>>>
> >>>>>>>>>>> 2010/6/12 basteon <ba...@gmail.com>
> >>>>>>>>>>>>
> >>>>>>>>>>>> hi, I guess that you can authorize it in PAM by yourself in
> >>>>>>>>>>>> own
> >>>>>>>>>>>> module
> >>>>>>>>>>>> or uses http-basic auth ready module on the target host or
> >>>>>>>>>>>> proxy.
> >>>>>>>>>>>>
> >>>>>>>>>>>> On 10/06/2010, Petr Hracek <ph...@gmail.com> wrote:
> >>>>>>>>>>>>> Hello apache users,
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> I would like to explain my problem.
> >>>>>>>>>>>>> I have developed the module which is used for
> >> authorization
> >>>>>>>>>>>>> to
> >>>>>> web
> >>>>>>>>>>>>> pages.
> >>>>>>>>>>>>> It works fine without problem but I would like to use that
> >>>>>> module
> >>>>>>>>>>>>> for
> >>>>>>>>>>>>> authorization
> >>>>>>>>>>>>> of "proxy" requests as well.
> >>>>>>>>>>>>> Proxy requests are not defined in settings of browser (in
> >>>>>> Firefox
> >>>>>>>>>>>>> Tools->Options->LAN settings -> Manual configuration of
> >>>>>>>>>>>>> proxy).
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> In apache conf. file I have following:
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> <VirtualHost _default_:443>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> SSLEngine on
> >>>>>>>>>>>>> SSLProxyEngine on
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> RewriteEngine on
> >>>>>>>>>>>>> RewriteCond %{REQUEST_METHOD} ^TRACE
> >>>>>>>>>>>>> RewriteRule .* - [F]
> >>>>>>>>>>>>> RewriteMap foo txt:/opt/apache/conf/foo.map
> >>>>>>>>>>>>> RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P]
> >>>>>>>>>>>>> RewriteRule ^/PAC/(.*)
> >> http://192.168.0.23:8080/PACAdmin/$1
> >>>>>>>>>>>>> [P]
> >>>>>>>>>>>>> RewriteRule ^/([^/]+)$ ${foo:$1|/$1} [L]
> >>>>>>>>>>>>> RewriteRule ^/([^/]+)/(.*)
> >>>>>>>>>>>>> ${foo:$1|/opt/apache/htdocs/ssldocs/$1}/$2
> >>>>>>>>>>>>> [L]
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> <IfModule mod_authz_host.c>
> >>>>>>>>>>>>> <Directory />
> >>>>>>>>>>>>> Options +Indexes +Multiviews
> >>>>>>>>>>>>> AuthType FOOM
> >>>>>>>>>>>>> require valid-user
> >>>>>>>>>>>>> satisfy Any
> >>>>>>>>>>>>> </Directory>
> >>>>>>>>>>>>> </IfModule>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> <Location "/PAC/">
> >>>>>>>>>>>>> ProxyPass http://192.168.0.23:8080/PACAdmin
> >>>>>>>>>>>>> ProxyPassReverse http://192.168.0.23:8080/PACAdmin
> >>>>>>>>>>>>> ProxyPassReverseCookie /PACAdmin /PAC
> >>>>>>>>>>>>> Order Allow,deny
> >>>>>>>>>>>>> Allow from all
> >>>>>>>>>>>>> </Location>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> How I can used own module for authorization location
> >> /PAC/?
> >>>>>>>>>>>>> When user will enter URL http://192.168.0.23:8080/PAC
> >>>>>>>>>>>>> then firstly my own module will authorized that page and
> >>>>>>>>>>>>> afterwards
> >>>>>>>>>>>>> location
> >>>>>>>>>>>>> /PAC will be shown.
> >>>>>>>>>>>>> Is it possible to do it somehow?
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Thanks for your help.
> >>>>>>>>>>>>> --
> >>>>>>>>>>>>> Best Regards / S pozdravem
> >>>>>>>>>>>>> Petr Hracek
> >>>>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>> --
> >>>>>>>>>>> Best Regards / S pozdravem
> >>>>>>>>>>> Petr Hracek
> >>>>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> --
> >>>>>>>>> Best Regards / S pozdravem
> >>>>>>>>> Petr Hracek
> >>>>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> --
> >>>>>>> Best Regards / S pozdravem
> >>>>>>> Petr Hracek
> >>>>>>>
> >>>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> --
> >>>>> Best Regards / S pozdravem
> >>>>> Petr Hracek
> >>>>>
> >>>
> >>>
> >>>
> >>> --
> >>> Best Regards / S pozdravem
> >>> Petr Hracek
> >>>
> >>
> >
> >
> >
>
>
>
--
Best Regards / S pozdravem
Petr Hracek
Re: Authentication of proxy over own module
Posted by Pid <pi...@pidster.com>.
On 16/06/2010 10:08, Petr Hracek wrote:
> Sorry my wrong explanation. I have ment the when the request is
> authorized/authenticated by my module how the request should be sent to the
> "proxy" IP address define in apache module:
>
> RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P]
> RewriteRule ^/PAC/(.*) http://192.168.0.23:8080/PACAdmin/$1 [P]
> RewriteRule ^/([^/]+)$ ${foo:$1|/$1} [L]
> RewriteRule ^/([^/]+)/(.*) ${foo:$1|/opt/apache/htdocs/ssldocs/$1}/$2
> [L]
>
> <Location "/PAC/">
> ProxyPass http://192.168.0.23:8080/PACAdmin
> ProxyPassReverse http://192.168.0.23:8080/PACAdmin
> ProxyPassReverseCookie /PACAdmin /PAC
> Order Allow,deny
> Allow from all
> </Location>
Can you explain again what it is you're trying to achieve, please?
p
> Best regards
> Petr
>
> 2010/6/15 basteon <ba...@gmail.com>
>
>> hm, redirect itsn't proxing , as i understood ;) redirect it's wen you
>> communicate client and target server directly and no proxing anymore.
>> in case todo proxy in your module there should be server and client
>> parts, I've not seen your module, maybe it's under NDA, and so on...
>> but you can have a look at scgi module there client in apache api, but
>> it working in another way. there...
>> static apr_status_t
>> open_socket(apr_socket_t **sock, request_rec *r)
>> {
>> //snip
>> and
>> rv = apr_socket_connect(*sock, sockaddr);
>> if (rv) {
>> //snip
>>
>> On 15 June 2010 20:49, Petr Hracek <ph...@gmail.com> wrote:
>>> That's a good sentence.
>>> You mention:
>>>>> if you did auth in your own module there should be accepted stream and
>>>>> when it passed auth you must sent it through own module to target
>> server.
>>>
>>> May be this is a my problem. When the request is authorized/authenticated
>> by
>>> my module how and where I have to sent to the target server.
>>> How can I do it? Redirect?
>>>
>>> Thank you in advance
>>> Petr
>>>
>>>
>>> 2010/6/15 basteon <ba...@gmail.com>
>>>>
>>>> no, about sniffing i meant sniff traffic on the network interface.
>>>> I don't know how catch up ReverseProxy requests, but if you did auth
>>>> in your own module there should be accepted stream and when it passed
>>>> auth you must sent it through own module to target server. or it
>>>> should working as proxy you must thinking about sessions
>>>> accepted\passed auth, then init auth from own module to target server.
>>>>
>>>> but, why you did it at all? what's purposes on it double auth?
>>>>
>>>> On 15/06/2010, Petr Hracek <ph...@gmail.com> wrote:
>>>>> But I am using ReverseProxy as well, right?
>>>>> I mean in my own module to sniff traffic when the request is
>>>>> ReverseProxy
>>>>> and them going to the target?
>>>>> How I can catch that request is Reverse Proxy (not defined in Browser
>>>>> settings)?
>>>>> Is that any handler for that case and where should I try to catch the
>>>>> request?
>>>>> In post_read_request?
>>>>> Could you please let me more detailly what do you think?
>>>>>
>>>>> best regards.
>>>>> Petr
>>>>>
>>>>> 2010/6/14 basteon <ba...@gmail.com>
>>>>>
>>>>>> I uses reverce proxy, but you can try sniff traffic between proxy and
>>>>>> target
>>>>>>
>>>>>> On 14 June 2010 13:52, Petr Hracek <ph...@gmail.com> wrote:
>>>>>>> If you mean that RewriteRule should be like that:
>>>>>>>
>>>>>>> RewriteMap foo txt:/opt/apache/conf/foo.map
>>>>>>> RewriteRule ^/([^/]+)$ ${foo:$1|/$1} [L]
>>>>>>> RewriteRule ^/([^/]+)/(.*) ${foo:$1|/opt/apache/htdocs/
>>>>>>> ssldocs/$1}/$2 [L]
>>>>>>> RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P]
>>>>>>> RewriteRule ^/PAC/(.*) http://192.168.0.23:8080/PACAdmin/$1 [P]
>>>>>>>
>>>>>>> Unfortuantelly in this case I see /opt/PAC/htdocs error was not
>> found
>>>>>>> but this is true because of main index is on the machine
>>>>>> 192.168.0.23:8080.
>>>>>>>
>>>>>>> Therefore I am receiving HTTP error 404.
>>>>>>>
>>>>>>> Or shall I do?
>>>>>>> <IfModule mod_authz_host.c>
>>>>>>> <Location "/PAC/">
>>>>>>> ProxyPass http://192.168.0.23:8080/PACAdmin
>>>>>>> ProxyPassReverse http://192.168.0.23:8080/PACAdmin
>>>>>>> ProxyPassReverseCookie /PACAdmin /PAC
>>>>>>> AuthType FOOM
>>>>>>> require valid-user
>>>>>>> satisfy Any
>>>>>>> </Location>
>>>>>>> </IfModule>
>>>>>>>
>>>>>>> Thank you in advance
>>>>>>>
>>>>>>> Petr
>>>>>>>
>>>>>>>
>>>>>>> 2010/6/14 basteon <ba...@gmail.com>
>>>>>>>>
>>>>>>>> hm, looks like if there double auth, therefore you should put
>> client
>>>>>>>> account trough your module instead of just redirect these client.
>>>>>>>>
>>>>>>>> On 14 June 2010 11:36, Petr Hracek <ph...@gmail.com> wrote:
>>>>>>>>> Yes this is done simillary in my own module but I have an
>> problem.
>>>>>>>>> When the URL is authorized (successfully) then URL
>>>>>>>>> http://192.168.0.23:8080/PAC is shown as 404 Unknown.
>>>>>>>>> Unfortuntatelly I could not find any reason why it is not found
>>>>>> because
>>>>>>>>> of
>>>>>>>>> URL is a Proxy?
>>>>>>>>> See my apache2 configuration file
>>>>>>>>>
>>>>>>>>> Eric mentioned:
>>>>>>>>>
>>>>>>>>>>> Don't constrain your directives to stuff under <Directory /> if
>>>>>>>>>>> you
>>>>>>>>> want them to apply to proxy requests. These are never mapped to
>> a
>>>>>>>>> directory.
>>>>>>>>>
>>>>>>>>> But Unfortunatelly I do not understand what shall I do. How
>> shall
>>>>>>>>> I
>>>>>>>>> defined
>>>>>>>>> my directives.
>>>>>>>>> Any help?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> 2010/6/14 basteon <ba...@gmail.com>
>>>>>>>>>>
>>>>>>>>>> I guess that you can found reply in man 3 pam and do pam auth
>> in
>>>>>>>>>> own
>>>>>>>>>> module if that necessary.
>>>>>>>>>>
>>>>>>>>>> On 14 June 2010 18:05, Petr Hracek <ph...@gmail.com> wrote:
>>>>>>>>>>> Hello *,
>>>>>>>>>>>
>>>>>>>>>>> On the target host is done some authorization but I would
>> like
>>>>>>>>>>> to
>>>>>> add
>>>>>>>>>>> second
>>>>>>>>>>> authorization from my own module.
>>>>>>>>>>>
>>>>>>>>>>> Unfortunatelly I have found that
>>>>>>>>>>> mod_auth_pam is not supported and/or developed any longer.
>>>>>>>>>>>
>>>>>>>>>>> if there any other module which is supported?
>>>>>>>>>>>
>>>>>>>>>>> thank you in advance
>>>>>>>>>>> Petr
>>>>>>>>>>>
>>>>>>>>>>> 2010/6/12 basteon <ba...@gmail.com>
>>>>>>>>>>>>
>>>>>>>>>>>> hi, I guess that you can authorize it in PAM by yourself in
>>>>>>>>>>>> own
>>>>>>>>>>>> module
>>>>>>>>>>>> or uses http-basic auth ready module on the target host or
>>>>>>>>>>>> proxy.
>>>>>>>>>>>>
>>>>>>>>>>>> On 10/06/2010, Petr Hracek <ph...@gmail.com> wrote:
>>>>>>>>>>>>> Hello apache users,
>>>>>>>>>>>>>
>>>>>>>>>>>>> I would like to explain my problem.
>>>>>>>>>>>>> I have developed the module which is used for
>> authorization
>>>>>>>>>>>>> to
>>>>>> web
>>>>>>>>>>>>> pages.
>>>>>>>>>>>>> It works fine without problem but I would like to use that
>>>>>> module
>>>>>>>>>>>>> for
>>>>>>>>>>>>> authorization
>>>>>>>>>>>>> of "proxy" requests as well.
>>>>>>>>>>>>> Proxy requests are not defined in settings of browser (in
>>>>>> Firefox
>>>>>>>>>>>>> Tools->Options->LAN settings -> Manual configuration of
>>>>>>>>>>>>> proxy).
>>>>>>>>>>>>>
>>>>>>>>>>>>> In apache conf. file I have following:
>>>>>>>>>>>>>
>>>>>>>>>>>>> <VirtualHost _default_:443>
>>>>>>>>>>>>>
>>>>>>>>>>>>> SSLEngine on
>>>>>>>>>>>>> SSLProxyEngine on
>>>>>>>>>>>>>
>>>>>>>>>>>>> RewriteEngine on
>>>>>>>>>>>>> RewriteCond %{REQUEST_METHOD} ^TRACE
>>>>>>>>>>>>> RewriteRule .* - [F]
>>>>>>>>>>>>> RewriteMap foo txt:/opt/apache/conf/foo.map
>>>>>>>>>>>>> RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P]
>>>>>>>>>>>>> RewriteRule ^/PAC/(.*)
>> http://192.168.0.23:8080/PACAdmin/$1
>>>>>>>>>>>>> [P]
>>>>>>>>>>>>> RewriteRule ^/([^/]+)$ ${foo:$1|/$1} [L]
>>>>>>>>>>>>> RewriteRule ^/([^/]+)/(.*)
>>>>>>>>>>>>> ${foo:$1|/opt/apache/htdocs/ssldocs/$1}/$2
>>>>>>>>>>>>> [L]
>>>>>>>>>>>>>
>>>>>>>>>>>>> <IfModule mod_authz_host.c>
>>>>>>>>>>>>> <Directory />
>>>>>>>>>>>>> Options +Indexes +Multiviews
>>>>>>>>>>>>> AuthType FOOM
>>>>>>>>>>>>> require valid-user
>>>>>>>>>>>>> satisfy Any
>>>>>>>>>>>>> </Directory>
>>>>>>>>>>>>> </IfModule>
>>>>>>>>>>>>>
>>>>>>>>>>>>> <Location "/PAC/">
>>>>>>>>>>>>> ProxyPass http://192.168.0.23:8080/PACAdmin
>>>>>>>>>>>>> ProxyPassReverse http://192.168.0.23:8080/PACAdmin
>>>>>>>>>>>>> ProxyPassReverseCookie /PACAdmin /PAC
>>>>>>>>>>>>> Order Allow,deny
>>>>>>>>>>>>> Allow from all
>>>>>>>>>>>>> </Location>
>>>>>>>>>>>>>
>>>>>>>>>>>>> How I can used own module for authorization location
>> /PAC/?
>>>>>>>>>>>>> When user will enter URL http://192.168.0.23:8080/PAC
>>>>>>>>>>>>> then firstly my own module will authorized that page and
>>>>>>>>>>>>> afterwards
>>>>>>>>>>>>> location
>>>>>>>>>>>>> /PAC will be shown.
>>>>>>>>>>>>> Is it possible to do it somehow?
>>>>>>>>>>>>>
>>>>>>>>>>>>> Thanks for your help.
>>>>>>>>>>>>> --
>>>>>>>>>>>>> Best Regards / S pozdravem
>>>>>>>>>>>>> Petr Hracek
>>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> Best Regards / S pozdravem
>>>>>>>>>>> Petr Hracek
>>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Best Regards / S pozdravem
>>>>>>>>> Petr Hracek
>>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Best Regards / S pozdravem
>>>>>>> Petr Hracek
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Best Regards / S pozdravem
>>>>> Petr Hracek
>>>>>
>>>
>>>
>>>
>>> --
>>> Best Regards / S pozdravem
>>> Petr Hracek
>>>
>>
>
>
>
Re: Authentication of proxy over own module
Posted by Petr Hracek <ph...@gmail.com>.
Sorry my wrong explanation. I have ment the when the request is
authorized/authenticated by my module how the request should be sent to the
"proxy" IP address define in apache module:
RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P]
RewriteRule ^/PAC/(.*) http://192.168.0.23:8080/PACAdmin/$1 [P]
RewriteRule ^/([^/]+)$ ${foo:$1|/$1} [L]
RewriteRule ^/([^/]+)/(.*) ${foo:$1|/opt/apache/htdocs/ssldocs/$1}/$2
[L]
<Location "/PAC/">
ProxyPass http://192.168.0.23:8080/PACAdmin
ProxyPassReverse http://192.168.0.23:8080/PACAdmin
ProxyPassReverseCookie /PACAdmin /PAC
Order Allow,deny
Allow from all
</Location>
Best regards
Petr
2010/6/15 basteon <ba...@gmail.com>
> hm, redirect itsn't proxing , as i understood ;) redirect it's wen you
> communicate client and target server directly and no proxing anymore.
> in case todo proxy in your module there should be server and client
> parts, I've not seen your module, maybe it's under NDA, and so on...
> but you can have a look at scgi module there client in apache api, but
> it working in another way. there...
> static apr_status_t
> open_socket(apr_socket_t **sock, request_rec *r)
> {
> //snip
> and
> rv = apr_socket_connect(*sock, sockaddr);
> if (rv) {
> //snip
>
> On 15 June 2010 20:49, Petr Hracek <ph...@gmail.com> wrote:
> > That's a good sentence.
> > You mention:
> >>> if you did auth in your own module there should be accepted stream and
> >>> when it passed auth you must sent it through own module to target
> server.
> >
> > May be this is a my problem. When the request is authorized/authenticated
> by
> > my module how and where I have to sent to the target server.
> > How can I do it? Redirect?
> >
> > Thank you in advance
> > Petr
> >
> >
> > 2010/6/15 basteon <ba...@gmail.com>
> >>
> >> no, about sniffing i meant sniff traffic on the network interface.
> >> I don't know how catch up ReverseProxy requests, but if you did auth
> >> in your own module there should be accepted stream and when it passed
> >> auth you must sent it through own module to target server. or it
> >> should working as proxy you must thinking about sessions
> >> accepted\passed auth, then init auth from own module to target server.
> >>
> >> but, why you did it at all? what's purposes on it double auth?
> >>
> >> On 15/06/2010, Petr Hracek <ph...@gmail.com> wrote:
> >> > But I am using ReverseProxy as well, right?
> >> > I mean in my own module to sniff traffic when the request is
> >> > ReverseProxy
> >> > and them going to the target?
> >> > How I can catch that request is Reverse Proxy (not defined in Browser
> >> > settings)?
> >> > Is that any handler for that case and where should I try to catch the
> >> > request?
> >> > In post_read_request?
> >> > Could you please let me more detailly what do you think?
> >> >
> >> > best regards.
> >> > Petr
> >> >
> >> > 2010/6/14 basteon <ba...@gmail.com>
> >> >
> >> >> I uses reverce proxy, but you can try sniff traffic between proxy and
> >> >> target
> >> >>
> >> >> On 14 June 2010 13:52, Petr Hracek <ph...@gmail.com> wrote:
> >> >> > If you mean that RewriteRule should be like that:
> >> >> >
> >> >> > RewriteMap foo txt:/opt/apache/conf/foo.map
> >> >> > RewriteRule ^/([^/]+)$ ${foo:$1|/$1} [L]
> >> >> > RewriteRule ^/([^/]+)/(.*) ${foo:$1|/opt/apache/htdocs/
> >> >> > ssldocs/$1}/$2 [L]
> >> >> > RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P]
> >> >> > RewriteRule ^/PAC/(.*) http://192.168.0.23:8080/PACAdmin/$1 [P]
> >> >> >
> >> >> > Unfortuantelly in this case I see /opt/PAC/htdocs error was not
> found
> >> >> > but this is true because of main index is on the machine
> >> >> 192.168.0.23:8080.
> >> >> >
> >> >> > Therefore I am receiving HTTP error 404.
> >> >> >
> >> >> > Or shall I do?
> >> >> > <IfModule mod_authz_host.c>
> >> >> > <Location "/PAC/">
> >> >> > ProxyPass http://192.168.0.23:8080/PACAdmin
> >> >> > ProxyPassReverse http://192.168.0.23:8080/PACAdmin
> >> >> > ProxyPassReverseCookie /PACAdmin /PAC
> >> >> > AuthType FOOM
> >> >> > require valid-user
> >> >> > satisfy Any
> >> >> > </Location>
> >> >> > </IfModule>
> >> >> >
> >> >> > Thank you in advance
> >> >> >
> >> >> > Petr
> >> >> >
> >> >> >
> >> >> > 2010/6/14 basteon <ba...@gmail.com>
> >> >> >>
> >> >> >> hm, looks like if there double auth, therefore you should put
> client
> >> >> >> account trough your module instead of just redirect these client.
> >> >> >>
> >> >> >> On 14 June 2010 11:36, Petr Hracek <ph...@gmail.com> wrote:
> >> >> >> > Yes this is done simillary in my own module but I have an
> problem.
> >> >> >> > When the URL is authorized (successfully) then URL
> >> >> >> > http://192.168.0.23:8080/PAC is shown as 404 Unknown.
> >> >> >> > Unfortuntatelly I could not find any reason why it is not found
> >> >> because
> >> >> >> > of
> >> >> >> > URL is a Proxy?
> >> >> >> > See my apache2 configuration file
> >> >> >> >
> >> >> >> > Eric mentioned:
> >> >> >> >
> >> >> >> >>>Don't constrain your directives to stuff under <Directory /> if
> >> >> >> >>> you
> >> >> >> > want them to apply to proxy requests. These are never mapped to
> a
> >> >> >> > directory.
> >> >> >> >
> >> >> >> > But Unfortunatelly I do not understand what shall I do. How
> shall
> >> >> >> > I
> >> >> >> > defined
> >> >> >> > my directives.
> >> >> >> > Any help?
> >> >> >> >
> >> >> >> >
> >> >> >> >
> >> >> >> > 2010/6/14 basteon <ba...@gmail.com>
> >> >> >> >>
> >> >> >> >> I guess that you can found reply in man 3 pam and do pam auth
> in
> >> >> >> >> own
> >> >> >> >> module if that necessary.
> >> >> >> >>
> >> >> >> >> On 14 June 2010 18:05, Petr Hracek <ph...@gmail.com> wrote:
> >> >> >> >> > Hello *,
> >> >> >> >> >
> >> >> >> >> > On the target host is done some authorization but I would
> like
> >> >> >> >> > to
> >> >> add
> >> >> >> >> > second
> >> >> >> >> > authorization from my own module.
> >> >> >> >> >
> >> >> >> >> > Unfortunatelly I have found that
> >> >> >> >> > mod_auth_pam is not supported and/or developed any longer.
> >> >> >> >> >
> >> >> >> >> > if there any other module which is supported?
> >> >> >> >> >
> >> >> >> >> > thank you in advance
> >> >> >> >> > Petr
> >> >> >> >> >
> >> >> >> >> > 2010/6/12 basteon <ba...@gmail.com>
> >> >> >> >> >>
> >> >> >> >> >> hi, I guess that you can authorize it in PAM by yourself in
> >> >> >> >> >> own
> >> >> >> >> >> module
> >> >> >> >> >> or uses http-basic auth ready module on the target host or
> >> >> >> >> >> proxy.
> >> >> >> >> >>
> >> >> >> >> >> On 10/06/2010, Petr Hracek <ph...@gmail.com> wrote:
> >> >> >> >> >> > Hello apache users,
> >> >> >> >> >> >
> >> >> >> >> >> > I would like to explain my problem.
> >> >> >> >> >> > I have developed the module which is used for
> authorization
> >> >> >> >> >> > to
> >> >> web
> >> >> >> >> >> > pages.
> >> >> >> >> >> > It works fine without problem but I would like to use that
> >> >> module
> >> >> >> >> >> > for
> >> >> >> >> >> > authorization
> >> >> >> >> >> > of "proxy" requests as well.
> >> >> >> >> >> > Proxy requests are not defined in settings of browser (in
> >> >> Firefox
> >> >> >> >> >> > Tools->Options->LAN settings -> Manual configuration of
> >> >> >> >> >> > proxy).
> >> >> >> >> >> >
> >> >> >> >> >> > In apache conf. file I have following:
> >> >> >> >> >> >
> >> >> >> >> >> > <VirtualHost _default_:443>
> >> >> >> >> >> >
> >> >> >> >> >> > SSLEngine on
> >> >> >> >> >> > SSLProxyEngine on
> >> >> >> >> >> >
> >> >> >> >> >> > RewriteEngine on
> >> >> >> >> >> > RewriteCond %{REQUEST_METHOD} ^TRACE
> >> >> >> >> >> > RewriteRule .* - [F]
> >> >> >> >> >> > RewriteMap foo txt:/opt/apache/conf/foo.map
> >> >> >> >> >> > RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P]
> >> >> >> >> >> > RewriteRule ^/PAC/(.*)
> http://192.168.0.23:8080/PACAdmin/$1
> >> >> >> >> >> > [P]
> >> >> >> >> >> > RewriteRule ^/([^/]+)$ ${foo:$1|/$1} [L]
> >> >> >> >> >> > RewriteRule ^/([^/]+)/(.*)
> >> >> >> >> >> > ${foo:$1|/opt/apache/htdocs/ssldocs/$1}/$2
> >> >> >> >> >> > [L]
> >> >> >> >> >> >
> >> >> >> >> >> > <IfModule mod_authz_host.c>
> >> >> >> >> >> > <Directory />
> >> >> >> >> >> > Options +Indexes +Multiviews
> >> >> >> >> >> > AuthType FOOM
> >> >> >> >> >> > require valid-user
> >> >> >> >> >> > satisfy Any
> >> >> >> >> >> > </Directory>
> >> >> >> >> >> > </IfModule>
> >> >> >> >> >> >
> >> >> >> >> >> > <Location "/PAC/">
> >> >> >> >> >> > ProxyPass http://192.168.0.23:8080/PACAdmin
> >> >> >> >> >> > ProxyPassReverse http://192.168.0.23:8080/PACAdmin
> >> >> >> >> >> > ProxyPassReverseCookie /PACAdmin /PAC
> >> >> >> >> >> > Order Allow,deny
> >> >> >> >> >> > Allow from all
> >> >> >> >> >> > </Location>
> >> >> >> >> >> >
> >> >> >> >> >> > How I can used own module for authorization location
> /PAC/?
> >> >> >> >> >> > When user will enter URL http://192.168.0.23:8080/PAC
> >> >> >> >> >> > then firstly my own module will authorized that page and
> >> >> >> >> >> > afterwards
> >> >> >> >> >> > location
> >> >> >> >> >> > /PAC will be shown.
> >> >> >> >> >> > Is it possible to do it somehow?
> >> >> >> >> >> >
> >> >> >> >> >> > Thanks for your help.
> >> >> >> >> >> > --
> >> >> >> >> >> > Best Regards / S pozdravem
> >> >> >> >> >> > Petr Hracek
> >> >> >> >> >> >
> >> >> >> >> >
> >> >> >> >> >
> >> >> >> >> >
> >> >> >> >> > --
> >> >> >> >> > Best Regards / S pozdravem
> >> >> >> >> > Petr Hracek
> >> >> >> >> >
> >> >> >> >
> >> >> >> >
> >> >> >> >
> >> >> >> > --
> >> >> >> > Best Regards / S pozdravem
> >> >> >> > Petr Hracek
> >> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> > --
> >> >> > Best Regards / S pozdravem
> >> >> > Petr Hracek
> >> >> >
> >> >>
> >> >
> >> >
> >> >
> >> > --
> >> > Best Regards / S pozdravem
> >> > Petr Hracek
> >> >
> >
> >
> >
> > --
> > Best Regards / S pozdravem
> > Petr Hracek
> >
>
--
Best Regards / S pozdravem
Petr Hracek