Hello,
We are successfuly using a great piece of code, modNTLM (sets REMOTE_USER request variable to "PRAHA\Kolek_R" for example), on our intranet server. We are implementing security on "LOCATION" container (see uncommented part of httpd.conf bellow). Everything works fine till time we tried to apply security on "remote" location. In other words security on "local" location only works fine.
So, the question is, how we have to setup apache to behave the same way in respect of "remote" locations ? The redirection to remote location we implemented through ProxyPass and ProxyPassReverse directives as You can see bellow in commented section. It works well except of discovering the username of incomming user. It can be seen in access.log file too.
Note that "remote" location is placed on our application server and apache serves as its frontend.
Please help and & thanks in advance for Your time and answer,
Radim.
access.log entry in case of "local" location, proxy entries stays commented
********************************************************
160.218.101.56 - PRAHA\Kolek_R [29/May/2002:10:39:29 +0200] "GET /webstore/test.jsp HTTP/1.1" 404 319
access.log entry in case of "remote" location, proxy entries are uncommented
**********************************************************
160.218.101.56 - - [29/May/2002:10:39:27 +0200] "GET /webstore/test.jsp HTTP/1.1" 401 505
piece of httpd.conf file
*****************
...
#<IfModule mod_proxy.c>
# ProxyRequests On
# ProxyPass /webstore/ # ProxyPassReverse /webstore/ #</IfModule>
<Location /webstore>
Order deny,allow
Deny from all
AuthType NTLM
AuthName "WebStore"
NTLMAuth On
NTLMAuthoritative On
NTLMOfferBasic Off
require valid-user
satisfy any
</Location>
...
We are successfuly using a great piece of code, modNTLM (sets REMOTE_USER request variable to "PRAHA\Kolek_R" for example), on our intranet server. We are implementing security on "LOCATION" container (see uncommented part of httpd.conf bellow). Everything works fine till time we tried to apply security on "remote" location. In other words security on "local" location only works fine.
So, the question is, how we have to setup apache to behave the same way in respect of "remote" locations ? The redirection to remote location we implemented through ProxyPass and ProxyPassReverse directives as You can see bellow in commented section. It works well except of discovering the username of incomming user. It can be seen in access.log file too.
Note that "remote" location is placed on our application server and apache serves as its frontend.
Please help and & thanks in advance for Your time and answer,
Radim.
access.log entry in case of "local" location, proxy entries stays commented
********************************************************
160.218.101.56 - PRAHA\Kolek_R [29/May/2002:10:39:29 +0200] "GET /webstore/test.jsp HTTP/1.1" 404 319
access.log entry in case of "remote" location, proxy entries are uncommented
**********************************************************
160.218.101.56 - - [29/May/2002:10:39:27 +0200] "GET /webstore/test.jsp HTTP/1.1" 401 505
piece of httpd.conf file
*****************
...
#<IfModule mod_proxy.c>
# ProxyRequests On
# ProxyPass /webstore/ # ProxyPassReverse /webstore/ #</IfModule>
<Location /webstore>
Order deny,allow
Deny from all
AuthType NTLM
AuthName "WebStore"
NTLMAuth On
NTLMAuthoritative On
NTLMOfferBasic Off
require valid-user
satisfy any
</Location>
...