Need a rewrite rule to pass http://username:password@mysite:7000/

Hello,

I am trying to create a rewrite rule that proxies a user to a site that requires basic auth, and provides the username & password which logs them in.

Here is the rule I attempted:
RewriteRule ^/invoke(.*) http://username:password@mysite:7000/invoke$1 [NC,P]
ProxyPassReverse /invoke/ http://username:password@mysite:7000/invoke/

The rule does successfully pass you on to the proper site, but the user is still prompted for the username and password. If you provide the user and password you do get the page successfully, but I don't want the user to be prompted.

If I post the username and passworld at mysite directly:
http://username:password@mysite:7000/invoke/index.htm

I am logged in appropriately without being prompted, but for some reason I cannot get this to work with a rewriterule!

Help!

Thanks,
Liam
LVL 1
Liam2eAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

_nn_Commented:
A browser will possibly translate the http://username:password@mysite:7000/invoke/index.htm syntax into a http://mysite:7000/invoke/index.htm request combined with additional auth headers, but I strongly doubt that Apache's mod_rewrite (or any other module for that matter) can do that.

I would approach the problem with another angle. You could for instance get the mysite host to accept connections coming from the IP address of the reverse proxy you're currently setting up. If that mysite host is also running Apache, it's just a matter of using the Satisfy directive, something like

Require valid-user
Allow from <IP of proxy>
Satisfy Any

(see http://httpd.apache.org/docs-2.0/mod/core.html#satisfy for details)

Else, you could of course use some script (CGI, PHP, etc) to do the job, but I suspect you don't like that idea.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
BigRatCommented:
mod_proxy does not pass forward basic authentication which is why the user gets prompted. I would suggest you rewrite the incoming url into a perl script which instantiates an http object, passes the authentication and then the url.

Long term this is better, since mod_proxy does not handle cookies. The proxy_pass_reverse applies only to the Location: http response header.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Apache Web Server

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.