2010/6/15 basteon <basteon@xxxxxxxxx>--hm, redirect itsn't proxing , as i understood ;) redirect it's wen you
communicate client and target server directly and no proxing anymore.
in case todo proxy in your module there should be server and client
parts, I've not seen your module, maybe it's under NDA, and so on...
but you can have a look at scgi module there client in apache api, but
it working in another way. there...
static apr_status_t
open_socket(apr_socket_t **sock, request_rec *r)
{
//snip
and
rv = apr_socket_connect(*sock, sockaddr);
if (rv) {
//snip
On 15 June 2010 20:49, Petr Hracek <phracek2@xxxxxxxxx> wrote:
> That's a good sentence.
> You mention:
>>> if you did auth in your own module there should be accepted stream and
>>> when it passed auth you must sent it through own module to target server.
>
> May be this is a my problem. When the request is authorized/authenticated by
> my module how and where I have to sent to the target server.
> How can I do it? Redirect?
>
> Thank you in advance
> Petr
>
>
> 2010/6/15 basteon <basteon@xxxxxxxxx>
>>
>> no, about sniffing i meant sniff traffic on the network interface.
>> I don't know how catch up ReverseProxy requests, but if you did auth
>> in your own module there should be accepted stream and when it passed
>> auth you must sent it through own module to target server. or it
>> should working as proxy you must thinking about sessions
>> accepted\passed auth, then init auth from own module to target server.
>>
>> but, why you did it at all? what's purposes on it double auth?
>>
>> On 15/06/2010, Petr Hracek <phracek2@xxxxxxxxx> wrote:
>> > But I am using ReverseProxy as well, right?
>> > I mean in my own module to sniff traffic when the request is
>> > ReverseProxy
>> > and them going to the target?
>> > How I can catch that request is Reverse Proxy (not defined in Browser
>> > settings)?
>> > Is that any handler for that case and where should I try to catch the
>> > request?
>> > In post_read_request?
>> > Could you please let me more detailly what do you think?
>> >
>> > best regards.
>> > Petr
>> >
>> > 2010/6/14 basteon <basteon@xxxxxxxxx>
>> >
>> >> I uses reverce proxy, but you can try sniff traffic between proxy and
>> >> target
>> >>
>> >> On 14 June 2010 13:52, Petr Hracek <phracek2@xxxxxxxxx> wrote:
>> >> > If you mean that RewriteRule should be like that:
>> >> >
>> >> > RewriteMap foo txt:/opt/apache/conf/foo.map
>> >> > RewriteRule ^/([^/]+)$ ${foo:$1|/$1} [L]
>> >> > RewriteRule ^/([^/]+)/(.*) ${foo:$1|/opt/apache/htdocs/
>> >> > ssldocs/$1}/$2 [L]
>> >> > RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P]
>> >> > RewriteRule ^/PAC/(.*) http://192.168.0.23:8080/PACAdmin/$1 [P]
>> >> >
>> >> > Unfortuantelly in this case I see /opt/PAC/htdocs error was not found
>> >> > but this is true because of main index is on the machine
>> >> 192.168.0.23:8080.
>> >> >
>> >> > Therefore I am receiving HTTP error 404.
>> >> >
>> >> > Or shall I do?
>> >> > <IfModule mod_authz_host.c>
>> >> > <Location "/PAC/">
>> >> > ProxyPass http://192.168.0.23:8080/PACAdmin
>> >> > ProxyPassReverse http://192.168.0.23:8080/PACAdmin
>> >> > ProxyPassReverseCookie /PACAdmin /PAC
>> >> > AuthType FOOM
>> >> > require valid-user
>> >> > satisfy Any
>> >> > </Location>
>> >> > </IfModule>
>> >> >
>> >> > Thank you in advance
>> >> >
>> >> > Petr
>> >> >
>> >> >
>> >> > 2010/6/14 basteon <basteon@xxxxxxxxx>
>> >> >>
>> >> >> hm, looks like if there double auth, therefore you should put client
>> >> >> account trough your module instead of just redirect these client.
>> >> >>
>> >> >> On 14 June 2010 11:36, Petr Hracek <phracek2@xxxxxxxxx> wrote:
>> >> >> > Yes this is done simillary in my own module but I have an problem.
>> >> >> > When the URL is authorized (successfully) then URL
>> >> >> > http://192.168.0.23:8080/PAC is shown as 404 Unknown.
>> >> >> > Unfortuntatelly I could not find any reason why it is not found
>> >> because
>> >> >> > of
>> >> >> > URL is a Proxy?
>> >> >> > See my apache2 configuration file
>> >> >> >
>> >> >> > Eric mentioned:
>> >> >> >
>> >> >> >>>Don't constrain your directives to stuff under <Directory /> if
>> >> >> >>> you
>> >> >> > want them to apply to proxy requests. These are never mapped to a
>> >> >> > directory.
>> >> >> >
>> >> >> > But Unfortunatelly I do not understand what shall I do. How shall
>> >> >> > I
>> >> >> > defined
>> >> >> > my directives.
>> >> >> > Any help?
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> > 2010/6/14 basteon <basteon@xxxxxxxxx>
>> >> >> >>
>> >> >> >> I guess that you can found reply in man 3 pam and do pam auth in
>> >> >> >> own
>> >> >> >> module if that necessary.
>> >> >> >>
>> >> >> >> On 14 June 2010 18:05, Petr Hracek <phracek2@xxxxxxxxx> wrote:
>> >> >> >> > Hello *,
>> >> >> >> >
>> >> >> >> > On the target host is done some authorization but I would like
>> >> >> >> > to
>> >> add
>> >> >> >> > second
>> >> >> >> > authorization from my own module.
>> >> >> >> >
>> >> >> >> > Unfortunatelly I have found that
>> >> >> >> > mod_auth_pam is not supported and/or developed any longer.
>> >> >> >> >
>> >> >> >> > if there any other module which is supported?
>> >> >> >> >
>> >> >> >> > thank you in advance
>> >> >> >> > Petr
>> >> >> >> >
>> >> >> >> > 2010/6/12 basteon <basteon@xxxxxxxxx>
>> >> >> >> >>
>> >> >> >> >> hi, I guess that you can authorize it in PAM by yourself in
>> >> >> >> >> own
>> >> >> >> >> module
>> >> >> >> >> or uses http-basic auth ready module on the target host or
>> >> >> >> >> proxy.
>> >> >> >> >>
>> >> >> >> >> On 10/06/2010, Petr Hracek <phracek2@xxxxxxxxx> wrote:
>> >> >> >> >> > Hello apache users,
>> >> >> >> >> >
>> >> >> >> >> > I would like to explain my problem.
>> >> >> >> >> > I have developed the module which is used for authorization
>> >> >> >> >> > to
>> >> web
>> >> >> >> >> > pages.
>> >> >> >> >> > It works fine without problem but I would like to use that
>> >> module
>> >> >> >> >> > for
>> >> >> >> >> > authorization
>> >> >> >> >> > of "proxy" requests as well.
>> >> >> >> >> > Proxy requests are not defined in settings of browser (in
>> >> Firefox
>> >> >> >> >> > Tools->Options->LAN settings -> Manual configuration of
>> >> >> >> >> > proxy).
>> >> >> >> >> >
>> >> >> >> >> > In apache conf. file I have following:
>> >> >> >> >> >
>> >> >> >> >> > <VirtualHost _default_:443>
>> >> >> >> >> >
>> >> >> >> >> > SSLEngine on
>> >> >> >> >> > SSLProxyEngine on
>> >> >> >> >> >
>> >> >> >> >> > RewriteEngine on
>> >> >> >> >> > RewriteCond %{REQUEST_METHOD} ^TRACE
>> >> >> >> >> > RewriteRule .* - [F]
>> >> >> >> >> > RewriteMap foo txt:/opt/apache/conf/foo.map
>> >> >> >> >> > RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P]
>> >> >> >> >> > RewriteRule ^/PAC/(.*) http://192.168.0.23:8080/PACAdmin/$1
>> >> >> >> >> > [P]
>> >> >> >> >> > RewriteRule ^/([^/]+)$ ${foo:$1|/$1} [L]
>> >> >> >> >> > RewriteRule ^/([^/]+)/(.*)
>> >> >> >> >> > ${foo:$1|/opt/apache/htdocs/ssldocs/$1}/$2
>> >> >> >> >> > [L]
>> >> >> >> >> >
>> >> >> >> >> > <IfModule mod_authz_host.c>
>> >> >> >> >> > <Directory />
>> >> >> >> >> > Options +Indexes +Multiviews
>> >> >> >> >> > AuthType FOOM
>> >> >> >> >> > require valid-user
>> >> >> >> >> > satisfy Any
>> >> >> >> >> > </Directory>
>> >> >> >> >> > </IfModule>
>> >> >> >> >> >
>> >> >> >> >> > <Location "/PAC/">
>> >> >> >> >> > ProxyPass http://192.168.0.23:8080/PACAdmin
>> >> >> >> >> > ProxyPassReverse http://192.168.0.23:8080/PACAdmin
>> >> >> >> >> > ProxyPassReverseCookie /PACAdmin /PAC
>> >> >> >> >> > Order Allow,deny
>> >> >> >> >> > Allow from all
>> >> >> >> >> > </Location>
>> >> >> >> >> >
>> >> >> >> >> > How I can used own module for authorization location /PAC/?
>> >> >> >> >> > When user will enter URL http://192.168.0.23:8080/PAC
>> >> >> >> >> > then firstly my own module will authorized that page and
>> >> >> >> >> > afterwards
>> >> >> >> >> > location
>> >> >> >> >> > /PAC will be shown.
>> >> >> >> >> > Is it possible to do it somehow?
>> >> >> >> >> >
>> >> >> >> >> > Thanks for your help.
>> >> >> >> >> > --
>> >> >> >> >> > Best Regards / S pozdravem
>> >> >> >> >> > Petr Hracek
>> >> >> >> >> >
>> >> >> >> >
>> >> >> >> >
>> >> >> >> >
>> >> >> >> > --
>> >> >> >> > Best Regards / S pozdravem
>> >> >> >> > Petr Hracek
>> >> >> >> >
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> > --
>> >> >> > Best Regards / S pozdravem
>> >> >> > Petr Hracek
>> >> >> >
>> >> >
>> >> >
>> >> >
>> >> > --
>> >> > Best Regards / S pozdravem
>> >> > Petr Hracek
>> >> >
>> >>
>> >
>> >
>> >
>> > --
>> > Best Regards / S pozdravem
>> > Petr Hracek
>> >
>
>
>
> --
> Best Regards / S pozdravem
> Petr Hracek
>
Best Regards / S pozdravem
Petr Hracek
|