www-modproxy-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robin P. Blanchard" <robin.blanch...@georgiacenter.org>
Subject Re: Apache reverse proxy x OWA authentication
Date Mon, 11 Nov 2002 17:30:30 GMT
I finally got a reverse proxy to e2k via apache-1.3.2[6,7]. You need to 
install mod_proxy_add_forward with the following modification. On the 
IIS/OWA box, deselect "integrated windows auth". This allowsIE clients 
to auth through the apache1 proxy...

--- mod_proxy_add_forward-20020710.c    Tue Nov  5 14:22:06 2002
+++ mod_proxy_add_forward-ssl.c Tue Nov  5 14:25:26 2002
@@ -185,6 +185,8 @@

          ap_table_set(r->headers_in, "X-Server-Hostname",
                       r->server->server_hostname);
+       /* turn on front-end-https headed, so OWA will put HTTPS into 
urls */
+       ap_table_set(r->headers_in, "front-end-https","on");

         return OK;
      }



Fabiano Felix wrote:
> Hello ,
> 
> I have success in reverse proxy to OWA/Exch2K with Apache2, but I have 
> another problem: in some parts of OWA (specifically in pages that they 
> require NTFS authentication), I receive the following message:
>    Unknow authentication method.
> 
> I have too a https backend...
> 
> I search but I didnt find any solution, someone has some idea  ???
> 
> With best regards,
> 
> Fabiano
> 
> i.t wrote:
> 
>>> We are having a similar problem and haven't solved it yet. I believe 
>>> that
>>> the backend OWA server needs to have the original Host: header 
>>> requested by
>>> the browser passed through. There's a proxy directive in Apache 2 called
>>> ProxyPreserveHost which sounds like it might do just that.
>>>
>>> http://httpd.apache.org/docs-2.0/mod/mod_proxy.html#proxypreservehost
>>>
>>> There's also a tech. note on Microsoft's web site that mentions that an
>>> HTTP header may have to be set, but it isn't clear whether this is 
>>> required
>>> or not.
>>>
>>> http://support.microsoft.com/default.aspx?scid=kb;en-us;Q307347
>>>
>>> We tried to get end-to-end SSL working with reverse proxy and ran into
>>> problems with Apache 1.3.26 (haven't tried with Apache 2 yet). Our 
>>> backend
>>> https connection must pass through a regular Apache 1.3.26 proxy (not a
>>> reverse proxy) and this doesn't appear to be implemented. The 
>>> ProxyRemote
>>> method seems to malfunction for backend SSL connections. A direct (no
>>> intermediary proxy) https backend connection does appear to work.
>>>   
>>
>>
>> what we have experienced with OWA-Clients and Exchange is:
>> to avoid problems with IE5/6 you have to use Squid (with extensions 
>> methods) or Apache 2.0.4x
>> we have even tested 1.3.28dev (beg. Oct);
>> 1.3.24 works with basic auth, but you have to add dav support getting 
>> the client to work with the inbox and other webmail functionality
>>
>> Regards
>>  
>>
> 
> 
> 

-- 
----------------------------------------
Robin P. Blanchard
Systems Integration Specialist
Georgia Center for Continuing Education
fon: 706.542.2404 <|> fax: 706.542.6546
----------------------------------------


Mime
View raw message