Hello all!I'm having trouble with a proxy setup, where I need to generate a REMOTE_USER variable for a cgi-script, but also allow no-authenticated use.
The setup to allow authentication ether by http-auth and remote ip, and then froward the calls to an inner server where the cgi-program checks for the presence of REMOTE_USER in the environment or else uses REMOTE_ADDR (which I extract from HTTP_X_FORWARDED_FOR in a wrapper script). I cant seem to get this working :-(
the current config is on these lines:
first server:
<Location /service>
AuthType Basic
AuthName "Service domain"
AuthUserFile /etc/apache2/passwd/servicepasswd
order deny,allow
deny from all
Include /etc/apache2/passwd/servicedomains
require valid-user
satisfy any
</Location>
RewriteRule ^/service/?(.*) http://inner-server/service/$1 [P]
Inner server (in service/.htaccess):
AuthUserFile /www/conf/servicepasswd
AuthName "Service domain"
AuthType Basic
order deny,allow
In this basic setup, nothing works :-) (well I can login and see the
application but the application wont get a REMOTE_USER variable), if I
add a "require valid-user" on the inner server in works for
authenticated user but login via ip-number stops working. After half a
day of of searching the documentation and trying various combinations of
"Allow from <first server ip>", "satisfy any" etc. I'm stumped.
Anyone go any ideas how to do this? Best regards /jp -- jens persson # Don't spend more on programs, Debian <jens@xxxxxxxxxx> # -- Subject on a spam to Mäster Olofsväg 24 # debian-user-swedish S-224 66 LUND;SWEDEN # --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|