Hi,
I?m trying to install reverse proxy with Apache. But ldap authentication
doen?t seem to work.
When I directly access to the internal website (web.newdomain.com) : no
problem, I have an authentication popup.
When I access via reverse proxy, there is no authentication popup and it
doesn?t work.
I don?t understand why I don?t have authentication popup with reverse
proxy. I can see to logs the ?GET /? in both situations?
Someone can help me ?
Regards,
My virtualhosts for reverse proxy :
<VirtualHost reverse-pxy.mydomain.com:80>
ServerAdmin webmaster@xxxxxxxxxxxx
ServerName reverse-pxy.mydomain.com
RedirectPermanent / https://reverse-pxy.mydomain.com/
ErrorLog ${APACHE_LOG_DIR}/error_reverse_80.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost reverse-pxy.mydomain.com:443>
ServerAdmin webmaster@xxxxxxxxxxxx
ServerName reverse-pxy.mydomain.com
ProxyRequests On
ProxyVia full
ProxyPass /server-status !
ProxyPass / http://web.newdomain.com/
ProxyPassReverse / http://web.newdomain.com/
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel error
CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined
SSLEngine on
SSLCertificateFile server.crt
SSLCertificateKeyFile server.key
</VirtualHost>
My virtualhosts for internal web server :
<VirtualHost web.newdomain.com:80>
ServerAdmin webmaster@xxxxxxxxxxxxxxxxx
ServerName web.newdomain.com
DocumentRoot /var/www/auth
Alias /no_auth /var/www/no_auth
<Directory "/var/www/no_auth">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel debug
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost web.newdomain.com:443>
ServerAdmin webmaster@xxxxxxxxxxxxxxxxx
ServerName web.newdomain.com
DocumentRoot /var/www/auth
<Directory />
Options FollowSymLinks
AllowOverride None
Order allow,deny
allow from all
deny from all
AuthType Basic
AuthName "Acces intranet"
AuthBasicProvider ldap
AuthBasicAuthoritative On
AuthzLDAPAuthoritative Off
AuthLDAPBindDN cn=apache,dc=newdomain,dc=com
AuthLDAPBindPassword a_password
AuthLDAPURL "ldap://192.168.0.1
192.168.0.2/ou=myproject,dc=newdomain,dc=com?uid?sub?(objectClass=*)"
</Directory>
<Directory "/var/www/auth">
Options -Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
Require valid-user
</Directory>
Alias /no_auth /var/www/no_auth
<Directory "/var/www/no_auth">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel error
CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile server.crt
SSLCertificateKeyFile server.key
</VirtualHost>
See reverse proxy logs :
==> access.log <==
"GET /index.php HTTP/1.0" 302 688 "-" "Mozilla/4.0 (compatible; ....)"
"GET /logout.php HTTP/1.0" 200 11699 "-" "Mozilla/4.0 (compatible; ....)"
And internal webserver logs :
"GET /index.php HTTP/1.1" 302 412 "-" "Mozilla/4.0 (compatible; ....)"
==> error.log <==
[error] [client ***ip reverse***] PHP Notice: Undefined index: SESSION in
/var/www/auth/...../fichier.php on line **
==> access.log <==
"GET /logout.php HTTP/1.1" 200 11346 "-" "Mozilla/4.0 (compatible; ....)"
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|