[CentOS] Apache reverse proxy authentication problem on RHEL based distribs only
Todd Reed
treed at astate.edu
Thu Jan 5 21:15:54 UTC 2006
Not sure, but instead of using the domain\user, try using user at domain.
That is what we tell our users to use and it seems to work. We are
using OWA with form-based login...not HTTP_AUTH. We do this because our
SSO connector does not support HTTP Autentication.
I wonder if it is something in the passing of the \ that causes it. I
don't know.
I don't know if it will help, but it is something easy to try.
-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
Behalf Of Steve Johnson
Sent: Thursday, January 05, 2006 2:43 PM
To: centos at centos.org
Subject: [CentOS] Apache reverse proxy authentication problem on RHEL
based distribs only
Hi,
I'm currently setting up an Apache SSL reverse proxy for Exchange 2003
Outlook Web Access. The setup that I have works fine on my Gentoo laptop
or on a Trustix server, however, when I try to set it up on an RHEL
based distro, with the exact same virtual host settings, I get some
weird error with the authentication mechanism. I have tried with both
CentOS 4.2, based off the server CD and Whitebox 4 and I get the same
result.
We did a network trace off the Exchange server, and noticed we noticed
what is the problem, but can't figure out why only the configuration
from those distros are causing it. When getting the HTTP authentication
prompt from the Apache front-end, I enter "domain\user" for the user,
but the Apache front-end only sends back part of the authentication
string to the exchange. As an example, "domain\user" would only send
back "d\u" to the Exchange server. This does not happen at all with the
other distributions, as I get the full "domain\user" string sent back to
the Exchange.
Does anyone have any idea as to what could be causing this, and how I
might go about fixing it? All our environment consists of the same
distribution and I would prefer not to introduce a different one just
for this purpose.
Here is my virtual host configuration for this:
==================================
<VirtualHost xxx.xxx.xxx.xxx:443>
ServerName testproxy.domain.com
SSLEngine On
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
RequestHeader set Front-End-Https "On"
ProxyRequests Off
ProxyPreserveHost On
LogLevel debug
<Location /exchange>
ProxyPass http://yyy.yyy.yyy.yyy/exchange
ProxyPassReverse http://yyy.yyy.yyy.yyy/exchange
SSLRequireSSL
</Location>
<Location /exchweb>
ProxyPass http://yyy.yyy.yyy.yyy/exchweb
ProxyPassReverse http://yyy.yyy.yyy.yyy/exchweb
SSLRequireSSL
</Location>
<Location /public>
ProxyPass http://yyy.yyy.yyy.yyy/public
ProxyPassReverse http://yyy.yyy.yyy.yyy/public
SSLRequireSSL
</Location>
</VirtualHost>
==================================
Any information will be appreciated.
Thanks,
Steve Johnson
_______________________________________________
CentOS mailing list
CentOS at centos.org
http://lists.centos.org/mailman/listinfo/centos
More information about the CentOS
mailing list