Re: Authentication BEFORE proxying

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Ajay,

2017-04-08 8:23 GMT+02:00 Ajay Garg <ajaygargnsit@xxxxxxxxx>:
Hi All.

If I setup the following in a virtual-host,

####################################################################################
Listen 9001
<VirtualHost *:9001>
        DocumentRoot /var/www/html

        <Directory "/var/www/html">
            AuthType Basic
            AuthName "Restricted Content"
            AuthUserFile /home/f5a6b457ba0d416cb4847bb3c4c6e6b6/.htpasswd
            Require valid-user
        </Directory>

        ProxyPass / http://127.0.0.1:9000/
        ProxyPassReverse / http://127.0.0.1:9000/

</VirtualHost>
#####################################################################################


and I type http://1.2.3.4:9001 in the browser, I get taken directly to the proxy-address, without the auth-dialog popping up.

If however, I remove the "ProxyPass" and "ProxyPassReverse" directives, and I type the same http://1.2.3.4:9001 in the broswer, the auth-dialog pops up as expected.

From what I can see in the config you are adding auth directives only to the "/var/www/html" Directory context, and the proxying to the Virtual Host one. 

More info about configuration sections: http://httpd.apache.org/docs/current/sections.html
 
Is there a way to first let the auth-dialog pop-up, and only if credentials are correct, to move to the proxy-address?

I would try with a <Location> block containing ProxyPass/ProxyPassReverse and Auth/Require directives.

Hope that helps!

Luca

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux