Hi Apache users,
I'm running Apache 2.2.22 on Ubuntu server 12.04 as a reverse proxy to some internal services, including Exchange/OWA 2003. I have setup a site login page where users authenticate before they can access these services. This works fine, but now I want to avoid users having to authenticate a second time to access their OWA mailbox.
To do this I've setup a form which is pre-filled with the User ID, password and some other details. This works if I post it directly to the Exchange server, eg.
<form id="logonForm" name="logonForm" formtarget="_self" action="" href="https://ExchangeServer/exchweb/bin/auth/owaauth.dll" target="_blank">"https://ExchangeServer/exchweb/bin/auth/owaauth.dll" method="post">
<input type="hidden" name="destination" value="https://ExchangeServer/exchange" />
But fails if I post via the reverse proxy, eg.
<form id="logonForm" name="logonForm" formtarget="_self" action="" method="post">
<input type="hidden" name="destination" value="/exchange" />
The relevant section of the virtual host file is:
# OWA links
<Location /exchange>
ProxyPass https://ExchangeServer/exchange
ProxyPassReverse https://ExchangeServer/exchange
SSLRequireSSL
</Location>
<Location /exchweb>
ProxyPass https://ExchangeServer/exchweb
ProxyPassReverse https://ExchangeServer/exchweb
SSLRequireSSL
</Location>
The only error I receive is a "440 Login Timeout" from the Exchange server. I suspect it may be a cookie issue but I'm not really sure. As I said the form auto login works fine if I use the Exchange server directly rather than through the reverse proxy so I think it is an issue with my mod_rewrite config.
Any suggestions or advice would be much appreciated
|