[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2906
  • Last Modified:

Apache httpd with SSL, Basic Auth and ProxyPass

i have Apache httpd V2.2 to front Jboss and Jetty runing behind it.  Apache is in DMZ and Jboss / Jetty are in our secure Corp network.   I have it so that all of my ssl requrests get proxy'ed (via ssl virtualhosts) to jboss and Jetty and all that works just fine, but now i need to add some sort of authentication to apache so that the page on Jetty requires some simple authentication before they can be viewed.  We can use the same username / password for every one in the company so that only employees cansee the site.  Below is the snippet fromt he ssl.conf file.  the "AuthType Basic" doesn't seem to work with the "ProxyPass" int he config.  i'm sure there is a way around this issue.

<VirtualHost 192.168.10.77:443>
Servername dev.tcp.ABC.com:443
ErrorLog logs/dev_tcp_temp_ssl_error_log
TransferLog logs/dev_tcp_temp_ssl_access_log
LogLevel warn
SSLProxyEngine on
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/dev_tcp_temp.crt
SSLCertificateKeyFile /etc/pki/tls/private/dev_tcp_temp.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

#        <Directory "/var/www/html/">
        <Directory "/">
            AuthType Basic
            AuthName "Restricted Directory"
            AuthBasicProvider file
            AuthUserFile /etc/httpd/conf.d/passwords
            Require user tptest
            Require valid-user
#            AuthAuthoritative on
        </Directory>

    RewriteEngine on
    RewriteRule ^/$ /chp/ [R]

    ProxyPass / http://192.168.72.82:9999/
    ProxyPassReverse / http://192.168.72.82:9999/

</VirtualHost>
0
nohurt
Asked:
nohurt
1 Solution
 
caterham_wwwCommented:
>         <Directory "/">
>            AuthType Basic

Use <Location /> instead of <directory /> since your requests are not related to the file system.
0
 
nohurtAuthor Commented:
worked like a charm.
I can't believe it was that simple and i spend hours searching for a solution...
Thank you.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now