Solved

Apache httpd with SSL, Basic Auth and ProxyPass

Posted on 2009-04-06
2
2,823 Views
Last Modified: 2012-06-27
i have Apache httpd V2.2 to front Jboss and Jetty runing behind it.  Apache is in DMZ and Jboss / Jetty are in our secure Corp network.   I have it so that all of my ssl requrests get proxy'ed (via ssl virtualhosts) to jboss and Jetty and all that works just fine, but now i need to add some sort of authentication to apache so that the page on Jetty requires some simple authentication before they can be viewed.  We can use the same username / password for every one in the company so that only employees cansee the site.  Below is the snippet fromt he ssl.conf file.  the "AuthType Basic" doesn't seem to work with the "ProxyPass" int he config.  i'm sure there is a way around this issue.

<VirtualHost 192.168.10.77:443>
Servername dev.tcp.ABC.com:443
ErrorLog logs/dev_tcp_temp_ssl_error_log
TransferLog logs/dev_tcp_temp_ssl_access_log
LogLevel warn
SSLProxyEngine on
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/dev_tcp_temp.crt
SSLCertificateKeyFile /etc/pki/tls/private/dev_tcp_temp.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

#        <Directory "/var/www/html/">
        <Directory "/">
            AuthType Basic
            AuthName "Restricted Directory"
            AuthBasicProvider file
            AuthUserFile /etc/httpd/conf.d/passwords
            Require user tptest
            Require valid-user
#            AuthAuthoritative on
        </Directory>

    RewriteEngine on
    RewriteRule ^/$ /chp/ [R]

    ProxyPass / http://192.168.72.82:9999/
    ProxyPassReverse / http://192.168.72.82:9999/

</VirtualHost>
0
Comment
Question by:nohurt
2 Comments
 
LVL 27

Accepted Solution

by:
caterham_www earned 500 total points
ID: 24085124
>         <Directory "/">
>            AuthType Basic

Use <Location /> instead of <directory /> since your requests are not related to the file system.
0
 

Author Closing Comment

by:nohurt
ID: 31567320
worked like a charm.
I can't believe it was that simple and i spend hours searching for a solution...
Thank you.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

One of the typical problems I have experienced is when you have to move a web server from one hosting site to another. You normally prepare all on the new host, transfer the site, change DNS and cross your fingers hoping all will be ok on new server…
Periodically we have to update or add SSL certificates for customers. Depending upon your hosting plan you may be responsible for the installation and/or key generation. In the wake of Heartbleed many sites were forced to re-key. We will concen…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question