|
Ok, I was probably not clear enough ;-)
First I'm using mod_proxy_http and DIGEST authentication. Authentication-Info header is part of digest authentication: http://rfc-ref.org/RFC-TEXTS/2069/chapter2.html Lets say I've 2 accessed URLs: http://mydomain.com/index.html http://mydomain.com/tomcat/index.html Both are using digest authentication on apache. Proxy is configured as follow: ProxyPass /tomcat http://mytomcat.com/bla ProxyPassReverse /tomcat http://mytomcat.com/blaSo http://mydomain.com/index.html is replied directly by apache and http://mydomain.com/tomcat/index.html is proxied to tomcat. 1st case: Authentication-Info replied > GET /index.html HTTP/1.1 > User-Agent: curl/7.29.0 > Host: mydomain.com > Accept: */* < HTTP/1.1 401 Unauthorized < Date: Wed, 27 Mar 2013 11:24:18 GMT < Server: Apache/2.4.4 (Unix) < WWW-Authenticate: Digest realm="bla", nonce="nxteR+bYBAA=9c9e9d4176b1ff722c18122c2a3a9af3d52b6e8a", algorithm=MD5, qop="auth" < Content-Length: 381 < Content-Type: text/html; charset=iso-8859-1 > GET /index.html HTTP/1.1 > Authorization: Digest username="username", realm="bla", nonce="nxteR+bYBAA=9c9e9d4176b1ff722c18122c2a3a9af3d52b6e8a", uri="/index.html", cnonce ="ICAgICAgICAgICAgICAgICAgICAgICAgICAxNDEyNjc=", nc=00000001, qop=auth, response="bbfa7dqsdqs2c014d85sqdzaab1", algorithm="MD5" > User-Agent: curl/7.29.0 > Host: mydomain.com > Accept: */* < HTTP/1.1 200 OK < Date: Wed, 27 Mar 2013 11:24:18 GMT < Server: Apache/2.4.4 (Unix) < Authentication-Info: rspauth="efbdcdsqdsqhiaaazqds4eee3c1", cnonce="ICAgICAgICAgICAgICAgICAgICAgICAgICAxNDEyNjc=", nc=00000001, qop=auth < Last-Modified: Tue, 19 Feb 2013 08:24:06 GMT < ETag: "22-4d60f909e7580" < Accept-Ranges: bytes < Content-Length: 34 < Content-Type: text/plain .... 2nd case: Authentication-Info not replied > GET /tomcat/index.html HTTP/1.1 > User-Agent: curl/7.29.0 > Host: mydomain.com > Accept: */* < HTTP/1.1 401 Unauthorized < Date: Wed, 27 Mar 2013 12:15:25 GMT < Server: Apache/2.4.4 (Unix) < WWW-Authenticate: Digest realm="bla", nonce="5X4sqdsqdsqd456sq4dsq4d65sq78zf599bbd478c", algorithm=MD5, qop="auth" < Content-Length: 381 < Content-Type: text/html; charset=iso-8859-1 > GET /tomcat/index.html HTTP/1.1 > Authorization: Digest username="username", realm="bla", nonce="5X4sqdsqdsqd456sq4dsq4d65sq78zf599bbd478c", uri="/tomcat/index.html", cnonce="ICAgICAgICAgICAgICAgICAgICAgICAgICA0NDk5NzM=", nc=00000001, qop=auth, response="cf10890c9dsqdsqef3bd248dsqdsqec34", algorithm="MD5" > User-Agent: curl/7.29.0 > Host: mydomain.com > Accept: */* < HTTP/1.1 200 OK < Date: Wed, 27 Mar 2013 12:15:27 GMT < Server: Apache-Coyote/1.1 < Content-Type: application/json < Content-Length: 142 ..... So my question is, is there any way to have Apache reply this Authentication-Info in both case ? I guess the reverse proxy should add is somehow... Thanks ! On 27/03/2013 13:00, Nick Kew wrote: On 27 Mar 2013, at 11:39, Nicolas Daniels wrote:Everything work fine except that when the proxy is used, the Authentication-Info header is not included in the response. If Apache is replying directly without using the proxy, it is included.There's no such header in HTTP. Why not tell us exactly what you mean? |
|