You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Thomas Eckert <th...@gmail.com> on 2013/12/05 19:19:17 UTC

Re: [users@httpd] Automatic OWA Form Based Authentication thru reverse proxy

I've tried something simliar but didn't get it working. I would be
interested in how your attempts on automatic-form-filling-in worked out -
and if they did also in the "how" ;-)


On Thu, Nov 28, 2013 at 11:48 AM, iridium1191 <ir...@gmail.com> wrote:

>  Hi Apache users,
>
> I'm running Apache 2.2.22 on Ubuntu server 12.04 as a reverse proxy to
> some internal services, including Exchange/OWA 2003. I have setup a site
> login page where users authenticate before they can access these services.
> This works fine, but now I want to avoid users having to authenticate a
> second time to access their OWA mailbox.
>
> To do this I've setup a form which is pre-filled with the User ID,
> password and some other details. This works if I post it directly to the
> Exchange server, eg.
>
> <form id="logonForm" name="logonForm" formtarget="_self" action=
> "https://ExchangeServer/exchweb/bin/auth/owaauth.dll"<https://ExchangeServer/exchweb/bin/auth/owaauth.dll>method="post">
>
>       <input type="hidden" name="destination" value=
> "https://ExchangeServer/exchange" <https://ExchangeServer/exchange> />
>
>  But fails if I post via the reverse proxy, eg.
>
>  <form id="logonForm" name="logonForm" formtarget="_self"
> action="/exchange/bin/auth/owaauth.dll" method="post">
>       <input type="hidden" name="destination" value="/exchange" />
>
>  The relevant section of the virtual host file is:
>
>  # OWA links
> <Location /exchange>
> ProxyPass https://ExchangeServer/exchange
> ProxyPassReverse https://ExchangeServer/exchange
> SSLRequireSSL
> </Location>
>
> <Location /exchweb>
> ProxyPass https://ExchangeServer/exchweb
> ProxyPassReverse https://ExchangeServer/exchweb
> SSLRequireSSL
> </Location>
>
> The only error I receive is a "440 Login Timeout" from the Exchange
> server. I suspect it may be a cookie issue but I'm not really sure. As I
> said the form auto login works fine if I use the Exchange server directly
> rather than through the reverse proxy so I think it is an issue with my
> mod_rewrite config.
>
> Any suggestions or advice would be much appreciated
>