trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James Peach <>
Subject Re: Authproxy plugin with different auth/origin servers
Date Thu, 13 Oct 2016 03:58:46 GMT

> On Sep 30, 2016, at 10:08 AM, Josh North <> wrote:
> Hello,
> I am using ATS as a reverse proxy.  I have been requested to set up
> some URL's to use LDAP authentication with a directory server.  I
> found the authproxy plugin and configured it, and it successfully
> authenticates/denies, but then returns a 404(or if I add an internal
> map to the auth server, the browser tries to take me there).  I feel I
> am missing a very basic concept so I apologize.
> Here is my expectation based on how I have remap.config set up:
> 1.  Browser requests
> 2.  ATS uses to authenticate if the request
> is allowed
> 3.  If not allowed, just fail however it wants to, don;t care
> 4.  if allowed, reverse proxy to
> Instead, at step 4, after a successful user/pass, I just get a
> redirect to, which fails because that
> server is not publicly available and does not have the content that
> privateserver has.
> remap.config
> --------------------------
> # LDAP Auth Server
> map
> # Private Server
> map
> @pparam=--auth-transform=redirect
> @pparam=--auth-port=80

This looks reasonable.

> reverse_map
> @pparam=--auth-transform=redirect
> @pparam=--auth-port=80

reverse_map is used to rewrite response headers, so it is might not be what you want. If it
is what you want, I’m not sure that you want to attach the authproxy plugin to it.

Generally, authproxy will need a map to use for the auth server, so maybe something like this:

map \ \

If you need to debug authproxy itself, try traffic_server -T ‘authproxy|http_hdrs’.


View raw message