FAQ
Hi,

I’m trying to install reverse proxy with Apache. But ldap authentication
doen’t seem to work.

When I directly access to the internal website (web.newdomain.com) : no
problem, I have an authentication popup.

When I access via reverse proxy, there is no authentication popup and it
doesn’t work.

I don’t understand why I don’t have authentication popup with reverse
proxy. I can see to logs the “GET /” in both situations…

Someone can help me ?

Regards,





My virtualhosts for reverse proxy :

<VirtualHost reverse-pxy.mydomain.com:80>
ServerAdmin webmaster@mydomain.com
ServerName reverse-pxy.mydomain.com

RedirectPermanent / https://reverse-pxy.mydomain.com/

ErrorLog ${APACHE_LOG_DIR}/error_reverse_80.log

# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn

CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>



<VirtualHost reverse-pxy.mydomain.com:443>
ServerAdmin webmaster@mydomain.com
ServerName reverse-pxy.mydomain.com


ProxyRequests On
ProxyVia full

ProxyPass /server-status !
ProxyPass / http://web.newdomain.com/
ProxyPassReverse / http://web.newdomain.com/


ErrorLog ${APACHE_LOG_DIR}/error.log

# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel error

CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

SSLEngine on
SSLCertificateFile server.crt
SSLCertificateKeyFile server.key

</VirtualHost>



My virtualhosts for internal web server :

<VirtualHost web.newdomain.com:80>
ServerAdmin webmaster@web.newdomain.com
ServerName web.newdomain.com

DocumentRoot /var/www/auth

Alias /no_auth /var/www/no_auth
<Directory "/var/www/no_auth">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>

ErrorLog ${APACHE_LOG_DIR}/error.log

# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel debug

CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>


<VirtualHost web.newdomain.com:443>
ServerAdmin webmaster@web.newdomain.com
ServerName web.newdomain.com

DocumentRoot /var/www/auth
<Directory />
Options FollowSymLinks
AllowOverride None
Order allow,deny
allow from all
deny from all

AuthType Basic
AuthName "Acces intranet"
AuthBasicProvider ldap
AuthBasicAuthoritative On
AuthzLDAPAuthoritative Off
AuthLDAPBindDN cn=apache,dc=newdomain,dc=com
AuthLDAPBindPassword a_password
AuthLDAPURL "ldap://192.168.0.1
192.168.0.2/ou=myproject,dc=newdomain,dc=com?uid?sub?(objectClass=*)"
</Directory>

<Directory "/var/www/auth">
Options -Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
Require valid-user
</Directory>

Alias /no_auth /var/www/no_auth
<Directory "/var/www/no_auth">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>


ErrorLog ${APACHE_LOG_DIR}/error.log

LogLevel error

CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile server.crt
SSLCertificateKeyFile server.key
</VirtualHost>




See reverse proxy logs :

==> access.log <==
"GET /index.php HTTP/1.0" 302 688 "-" "Mozilla/4.0 (compatible; ....)"
"GET /logout.php HTTP/1.0" 200 11699 "-" "Mozilla/4.0 (compatible; ....)"



And internal webserver logs :

"GET /index.php HTTP/1.1" 302 412 "-" "Mozilla/4.0 (compatible; ....)"

==> error.log <==
[error] [client ***ip reverse***] PHP Notice: Undefined index: SESSION in
/var/www/auth/...../fichier.php on line **


==> access.log <==
"GET /logout.php HTTP/1.1" 200 11346 "-" "Mozilla/4.0 (compatible; ....)"



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Search Discussions

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupusers @
categoriesapache
postedOct 3, '11 at 1:44p
activeOct 3, '11 at 1:44p
posts1
users1
websitehttpd.apache.org
irc#httpd

1 user in discussion

Aurélien PROVIN: 1 post

People

Translate

site design / logo © 2022 Grokbase