httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aurélien PROVIN <apro...@linux62.org>
Subject [users@httpd] reverse proxy and ldap authentication
Date Mon, 03 Oct 2011 13:43:46 GMT
Hi,

I’m trying to install reverse proxy with Apache. But ldap authentication
doen’t seem to work.

When I directly access to the internal website (web.newdomain.com) : no
problem, I have an authentication popup.

When I access via reverse proxy, there is no authentication popup and it
doesn’t work.

I don’t understand why I don’t have authentication popup with reverse
proxy. I can see to logs the “GET /”  in both situations…

Someone can help me ?

Regards,





My virtualhosts for reverse proxy :

<VirtualHost reverse-pxy.mydomain.com:80>
        ServerAdmin webmaster@mydomain.com
        ServerName reverse-pxy.mydomain.com

        RedirectPermanent       /       https://reverse-pxy.mydomain.com/

        ErrorLog ${APACHE_LOG_DIR}/error_reverse_80.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>



<VirtualHost reverse-pxy.mydomain.com:443>
        ServerAdmin webmaster@mydomain.com
        ServerName reverse-pxy.mydomain.com


	ProxyRequests On
        ProxyVia full

        ProxyPass /server-status !
        ProxyPass / http://web.newdomain.com/
        ProxyPassReverse / http://web.newdomain.com/


        ErrorLog ${APACHE_LOG_DIR}/error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel error

        CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

        SSLEngine on
        SSLCertificateFile server.crt
        SSLCertificateKeyFile server.key

</VirtualHost>



My virtualhosts for internal web server :

<VirtualHost web.newdomain.com:80>
        ServerAdmin webmaster@web.newdomain.com
        ServerName web.newdomain.com

        DocumentRoot /var/www/auth

        Alias /no_auth /var/www/no_auth
        <Directory "/var/www/no_auth">
                Options Indexes FollowSymLinks
                AllowOverride None
                Order allow,deny
                Allow from all
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel debug

        CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>


<VirtualHost web.newdomain.com:443>
        ServerAdmin webmaster@web.newdomain.com
        ServerName web.newdomain.com

        DocumentRoot /var/www/auth
        <Directory />
                Options FollowSymLinks
                AllowOverride None
                Order allow,deny
                allow from all
                deny from all

                AuthType Basic
                AuthName "Acces intranet"
                AuthBasicProvider ldap
                AuthBasicAuthoritative On
                AuthzLDAPAuthoritative Off
                AuthLDAPBindDN cn=apache,dc=newdomain,dc=com
                AuthLDAPBindPassword a_password
                AuthLDAPURL "ldap://192.168.0.1
192.168.0.2/ou=myproject,dc=newdomain,dc=com?uid?sub?(objectClass=*)"
        </Directory>

        <Directory "/var/www/auth">
                Options -Indexes FollowSymLinks
                AllowOverride None
                Order allow,deny
                Allow from all
                Require valid-user
        </Directory>

        Alias /no_auth /var/www/no_auth
        <Directory "/var/www/no_auth">
                Options Indexes FollowSymLinks
                AllowOverride None
                Order allow,deny
                Allow from all
        </Directory>


        ErrorLog ${APACHE_LOG_DIR}/error.log

        LogLevel error

        CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

        #   SSL Engine Switch:
        #   Enable/Disable SSL for this virtual host.
        SSLEngine on
        SSLCertificateFile server.crt
        SSLCertificateKeyFile server.key
</VirtualHost>




See reverse proxy logs :

==> access.log <==
"GET /index.php HTTP/1.0" 302 688 "-" "Mozilla/4.0 (compatible;  ....)"
"GET /logout.php HTTP/1.0" 200 11699 "-" "Mozilla/4.0 (compatible;  ....)"



And internal webserver logs :

"GET /index.php HTTP/1.1" 302 412 "-" "Mozilla/4.0 (compatible;  ....)"

==> error.log <==
[error] [client ***ip reverse***] PHP Notice:  Undefined index: SESSION in
/var/www/auth/...../fichier.php on line **


==> access.log <==
"GET /logout.php HTTP/1.1" 200 11346 "-" "Mozilla/4.0 (compatible;  ....)"



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message