www-modproxy-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robin P. Blanchard" <robin.blanch...@georgiacenter.org>
Subject mod_proxy support for exchange 2000
Date Wed, 02 Oct 2002 19:55:23 GMT
In effort to build up a reverse proxy for Exchange 2000, I've determined:

1) using 1.3.26 or 1.3.28dev (CVS from a few minutes ago)
    a. IE clients fail IIS's auth challenge
    b. if those clients are sent first through squid, auth succeeds.
    c. mozilla, netscape 4x, clients succeed.

here are the http header responses from 1.3.26 and 1.3.28dev:
# wget --server-response webmail.gactr.uga.edu
--13:13:54--  http://webmail.gactr.uga.edu/
             => `index.html'
Resolving webmail.gactr.uga.edu... done.
Connecting to webmail.gactr.uga.edu[10.10.10.99]:80... connected.
HTTP request sent, awaiting response...
   1 HTTP/1.1 302 Found
   2 Date: Mon, 30 Sep 2002 17:13:54 GMT
   3 Server: Apache/1.3.26 (Unix) mod_mp3/0.35 PHP/4.2.3 mod_perl/1.27
mod_ssl/2.8.10 OpenSSL/0.9.6g
   4 Location: http://webmail.gactr.uga.edu/exchange/
   5 Connection: close
   6 Content-Type: text/html; charset=iso-8859-1
Location: http://webmail.gactr.uga.edu/exchange/ [following]
--13:13:54--  http://webmail.gactr.uga.edu/exchange/
             => `index.html'
Connecting to webmail.gactr.uga.edu[10.10.10.99]:80... connected.
HTTP request sent, awaiting response...
   1 HTTP/1.1 401 Access Denied
   2 Date: Mon, 30 Sep 2002 17:13:54 GMT
   3 Server: Microsoft-IIS/5.0
   4 WWW-Authenticate: Negotiate
   5 WWW-Authenticate: NTLM
   6 WWW-Authenticate: Basic realm="webmail.gactr.uga.edu"
   7 Content-Length: 24
   8 Content-Type: text/html
   9 Via: 1.1 webmail.gactr.uga.edu (Apache/1.3.26)
10 X-Cache: MISS from webmail.gactr.uga.edu
11 Keep-Alive: timeout=15, max=100
12 Connection: Keep-Alive
Unknown authentication scheme.

# wget --server-response webmail.gactr.uga.edu
--15:36:10--  http://webmail.gactr.uga.edu/
            => `index.html.3'
Resolving webmail.gactr.uga.edu... done.
Connecting to webmail.gactr.uga.edu[10.10.10.99]:80... connected.
HTTP request sent, awaiting response...
  1 HTTP/1.1 302 Found
  2 Date: Wed, 02 Oct 2002 19:36:10 GMT
  3 Server: Apache/1.3.28-dev (Unix)
  4 Location: http://webmail.gactr.uga.edu/exchange/
  5 Connection: close
  6 Content-Type: text/html; charset=iso-8859-1
Location: http://webmail.gactr.uga.edu/exchange/ [following]
--15:36:10--  http://webmail.gactr.uga.edu/exchange/
            => `index.html.3'
Connecting to webmail.gactr.uga.edu[10.10.10.99]:80... connected.
HTTP request sent, awaiting response...
  1 HTTP/1.1 401 Access Denied
  2 Date: Wed, 02 Oct 2002 19:36:10 GMT
  3 Server: Microsoft-IIS/5.0
  4 WWW-Authenticate: Negotiate
  5 WWW-Authenticate: NTLM
  6 WWW-Authenticate: Basic realm="webmail.gactr.uga.edu"
   7 Content-Length: 24
  8 Content-Type: text/html
  9 Via: 1.1 webmail.gactr.uga.edu (Apache/1.3.28-dev)
10 X-Cache: MISS from webmail.gactr.uga.edu
11 Keep-Alive: timeout=15, max=100
12 Connection: Keep-Alive
Unknown authentication scheme.


2) using 2.0.42 the proxy works properly. here are its http headers:
# wget --server-response webmail.gactr.uga.edu
--15:34:06--  http://webmail.gactr.uga.edu/
            => `index.html.3'
Resolving webmail.gactr.uga.edu... done.
Connecting to webmail.gactr.uga.edu[10.10.10.99]:80... connected.
HTTP request sent, awaiting response...
  1 HTTP/1.1 302 Found
  2 Date: Wed, 02 Oct 2002 19:34:06 GMT
  3 Server: Apache/2.0.42 (Unix)
  4 Location: http://webmail.gactr.uga.edu/exchange/
  5 Content-Length: 302
  6 Keep-Alive: timeout=15, max=100
  7 Connection: Keep-Alive
  8 Content-Type: text/html; charset=iso-8859-1
Location: http://webmail.gactr.uga.edu/exchange/ [following]
--15:34:06--  http://webmail.gactr.uga.edu/exchange/
            => `index.html.3'
Connecting to webmail.gactr.uga.edu[10.10.10.99]:80... connected.
HTTP request sent, awaiting response...
  1 HTTP/1.1 401 Access Denied
  2 Date: Wed, 02 Oct 2002 19:34:06 GMT
  3 Server: Microsoft-IIS/5.0
  4 WWW-Authenticate: Negotiate
  5 WWW-Authenticate: NTLM
  6 WWW-Authenticate: Basic realm="webmail.gactr.uga.edu"
  7 Content-Type: text/html; charset=ISO-8859-1
  8 Via: 1.0 webmail.gactr.uga.edu (Apache/2.0.42)
  9 Content-Length: 24
10 Connection: close
Unknown authentication scheme.


Below in the vhost config I've been using to test this. As it seems to 
me that the glaring difference between the 1.3.x proxy and the 2.0.x 
proxy is the http 1.1 vs http 1.0 (also why IE clients will work with 
the 1.3.x proxy when first sent through squid). I thus attempted to play 
with the variables (commented out in the below config) for the 1.3.x 
proxy. They produced no different results (as if the variables were 
ignored).

I am hoping to implement this reverse proxy (behind SSL also) by 01 
January and would very much like to have a 1.3.x solution as the 
platform in question is FreeBSD; and PHP and auth_ldap modules will be 
required. Thanks very much in advance.

I will gladly attempt to elaborate more if necessary.


# cat http.webmail.gactr.uga.edu.inc
Listen 10.10.10.99:80
<VirtualHost 10.10.10.99:80>
          ServerName              webmail.gactr.uga.edu
          UseCanonicalName        On
          CustomLog       /tmp/transfer.log combined
          ErrorLog        /tmp/error.log

          #SetEnv force-proxy-request-1.0
          #SetEnv proxy-nokeepalive
          ##SetEnv nokeepalive
          #SetEnv downgrade-1.0
          #SetEnv force-response-1.0
          #SetEnv redirect-carefully
          ##SetEnv force-no-vary

          Redirect / http://webmail.gactr.uga.edu/exchange/
          ProxyRequests Off
          ProxyVia Full
          #ProxyRemote * http://webmail.gactr.uga.edu
          ProxyPass /exchange/ http://webmail.gactr.uga.edu/exchange/
          ProxyPassReverse /exchange/ http://webmail.gactr.uga.edu/exchange/
          ProxyPass /public/ http://webmail.gactr.uga.edu/public/
          ProxyPassReverse /public/ http://webmail.gactr.uga.edu/public/
          ProxyPass /ex2k/ http://webmail.gactr.uga.edu/ex2k/
          ProxyPassReverse /ex2k/ http://webmail.gactr.uga.edu/ex2k/
          ProxyPass /exchweb/ http://webmail.gactr.uga.edu/exchweb/
          ProxyPassReverse /exchweb/ http://webmail.gactr.uga.edu/exchweb/

</VirtualHost>

-- 
----------------------------------------
Robin P. Blanchard
Systems Integration Specialist
Georgia Center for Continuing Education
fon: 706.542.2404 <|> fax: 706.542.6546
----------------------------------------


Mime
View raw message