Solved

Apache httpd with SSL, Basic Auth and ProxyPass

Posted on 2009-04-06
2
2,808 Views
Last Modified: 2012-06-27
i have Apache httpd V2.2 to front Jboss and Jetty runing behind it.  Apache is in DMZ and Jboss / Jetty are in our secure Corp network.   I have it so that all of my ssl requrests get proxy'ed (via ssl virtualhosts) to jboss and Jetty and all that works just fine, but now i need to add some sort of authentication to apache so that the page on Jetty requires some simple authentication before they can be viewed.  We can use the same username / password for every one in the company so that only employees cansee the site.  Below is the snippet fromt he ssl.conf file.  the "AuthType Basic" doesn't seem to work with the "ProxyPass" int he config.  i'm sure there is a way around this issue.

<VirtualHost 192.168.10.77:443>
Servername dev.tcp.ABC.com:443
ErrorLog logs/dev_tcp_temp_ssl_error_log
TransferLog logs/dev_tcp_temp_ssl_access_log
LogLevel warn
SSLProxyEngine on
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/dev_tcp_temp.crt
SSLCertificateKeyFile /etc/pki/tls/private/dev_tcp_temp.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

#        <Directory "/var/www/html/">
        <Directory "/">
            AuthType Basic
            AuthName "Restricted Directory"
            AuthBasicProvider file
            AuthUserFile /etc/httpd/conf.d/passwords
            Require user tptest
            Require valid-user
#            AuthAuthoritative on
        </Directory>

    RewriteEngine on
    RewriteRule ^/$ /chp/ [R]

    ProxyPass / http://192.168.72.82:9999/
    ProxyPassReverse / http://192.168.72.82:9999/

</VirtualHost>
0
Comment
Question by:nohurt
2 Comments
 
LVL 27

Accepted Solution

by:
caterham_www earned 500 total points
ID: 24085124
>         <Directory "/">
>            AuthType Basic

Use <Location /> instead of <directory /> since your requests are not related to the file system.
0
 

Author Closing Comment

by:nohurt
ID: 31567320
worked like a charm.
I can't believe it was that simple and i spend hours searching for a solution...
Thank you.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

A web service (http://en.wikipedia.org/wiki/Web_service) is a software related technology that facilitates machine-to-machine interaction over a network. This article helps beginners in creating and consuming a web service using the ColdFusion Ma…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now