Hi, all I have an apache2.2.22 reverse proxy server running. On the reverse proxy server, it has multiple virtual hosts. Some of them are https connections besides http connection. The backend servers behind the reverse proxy server have either https or http connection with the Apache reverse proxy server. Currently Apache does not authenticate external users. The authentication prompt comes from backend servers if authentication is required. There is one application which is the same from users point view when they access the site either they are in the office or home to login to the server through https authentication which is Microsoft Active Directory based. Now there is a request for the application that for some users when they are in the office, they access the site as usual. When those users are at home, they are not allowed to access the internal site through Apache reverse proxy server. I am thinking adding mod_ldap support on the Apache reverse proxy server to authenticate those users. We can create a group, i.e. deny_access on the Microsoft Active Directory so when the users authenticate through Apache reverse proxy server and if users belong to that group then the access is denied. Is this possible? Thanks. Ryan Jiang This message (including any attachments) is intended solely for the specific individual(s) or entity(ies) named above, and may contain legally privileged and confidential information. If you are not the intended recipient, please notify the sender immediately by replying to this message and then delete it. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, by other than the intended recipient, is strictly prohibited.
|