|
Hi,
I finally solved the problem myself by modifying the source code
of mod_proxy_http.c:
Line 1697:
apr_table_do(addit_dammit, save_table, r->headers_out,
"Set-Cookie", NULL);
-->
apr_table_do(addit_dammit, save_table, r->headers_out,
"Set-Cookie", "Authentication-Info", NULL);
Cheers
On 27/03/2013 13:23, Nicolas Daniels wrote:
Ok, I was probably not clear enough
;-)
First I'm using mod_proxy_http and DIGEST authentication.
Authentication-Info header is part of digest authentication:
http://rfc-ref.org/RFC-TEXTS/2069/chapter2.html
Lets say I've 2 accessed URLs:
http://mydomain.com/index.html
http://mydomain.com/tomcat/index.html
Both are using digest authentication on apache.
Proxy is configured as follow:
ProxyPass /tomcat http://mytomcat.com/bla
ProxyPassReverse /tomcat http://mytomcat.com/bla
So http://mydomain.com/index.html
is replied directly by apache and http://mydomain.com/tomcat/index.html
is proxied to tomcat.
1st case: Authentication-Info replied
> GET /index.html HTTP/1.1
> User-Agent: curl/7.29.0
> Host: mydomain.com
> Accept: */*
< HTTP/1.1 401 Unauthorized
< Date: Wed, 27 Mar 2013 11:24:18 GMT
< Server: Apache/2.4.4 (Unix)
< WWW-Authenticate: Digest realm="bla",
nonce="nxteR+bYBAA=9c9e9d4176b1ff722c18122c2a3a9af3d52b6e8a",
algorithm=MD5, qop="auth"
< Content-Length: 381
< Content-Type: text/html; charset=iso-8859-1
> GET /index.html HTTP/1.1
> Authorization: Digest username="username", realm="bla",
nonce="nxteR+bYBAA=9c9e9d4176b1ff722c18122c2a3a9af3d52b6e8a",
uri="/index.html", cnonce
="ICAgICAgICAgICAgICAgICAgICAgICAgICAxNDEyNjc=",
nc=00000001, qop=auth,
response="bbfa7dqsdqs2c014d85sqdzaab1", algorithm="MD5"
> User-Agent: curl/7.29.0
> Host: mydomain.com
> Accept: */*
< HTTP/1.1 200 OK
< Date: Wed, 27 Mar 2013 11:24:18 GMT
< Server: Apache/2.4.4 (Unix)
< Authentication-Info:
rspauth="efbdcdsqdsqhiaaazqds4eee3c1",
cnonce="ICAgICAgICAgICAgICAgICAgICAgICAgICAxNDEyNjc=",
nc=00000001, qop=auth
< Last-Modified: Tue, 19 Feb 2013 08:24:06 GMT
< ETag: "22-4d60f909e7580"
< Accept-Ranges: bytes
< Content-Length: 34
< Content-Type: text/plain
....
2nd case: Authentication-Info not replied
> GET /tomcat/index.html HTTP/1.1
> User-Agent: curl/7.29.0
> Host: mydomain.com
> Accept: */*
< HTTP/1.1 401 Unauthorized
< Date: Wed, 27 Mar 2013 12:15:25 GMT
< Server: Apache/2.4.4 (Unix)
< WWW-Authenticate: Digest realm="bla",
nonce="5X4sqdsqdsqd456sq4dsq4d65sq78zf599bbd478c",
algorithm=MD5, qop="auth"
< Content-Length: 381
< Content-Type: text/html; charset=iso-8859-1
> GET /tomcat/index.html HTTP/1.1
> Authorization: Digest username="username", realm="bla",
nonce="5X4sqdsqdsqd456sq4dsq4d65sq78zf599bbd478c",
uri="/tomcat/index.html",
cnonce="ICAgICAgICAgICAgICAgICAgICAgICAgICA0NDk5NzM=",
nc=00000001, qop=auth,
response="cf10890c9dsqdsqef3bd248dsqdsqec34",
algorithm="MD5"
> User-Agent: curl/7.29.0
> Host: mydomain.com
> Accept: */*
< HTTP/1.1 200 OK
< Date: Wed, 27 Mar 2013 12:15:27 GMT
< Server: Apache-Coyote/1.1
< Content-Type: application/json
< Content-Length: 142
.....
So my question is, is there any way to have Apache reply this
Authentication-Info in both case ? I guess the reverse proxy
should add is somehow...
Thanks !
On 27/03/2013 13:00, Nick Kew wrote:
On 27 Mar 2013, at 11:39, Nicolas Daniels wrote:
Everything work fine except that when the proxy is used, the Authentication-Info header is not included in the response. If Apache is replying directly without using the proxy, it is included.
There's no such header in HTTP. Why not tell us exactly what you mean?
|
