Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: wstunnel behind AuthType Basic |
|
| Author |
|
gbr
Joined: 03 May 2022
Posts: 1
|
 Posted: Wed 04 May '22 15:40 Post subject: wstunnel behind AuthType Basic |
 |
|
I run Apache as a reverse proxy to an app. Part of the reverse proxy connects to NoVNC which uses websockets to display the VNC screen.
If I do not use authorization (AuthType Basic), the reverse proxy works perfectly. As soon as I add authorization, the wstunnel fails.
This is my config file (ignore using port 80, this is still testing stuff):
| Code: |
<VirtualHost *:80>
# ServerAdmin gbr@erlphase.com
# ProxyRequests off
# DocumentRoot /var/www
# SSLProxyEngine on
ProxyPreserveHost On
# ServerName kvm4.erlphase.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel error
ProxyPass /display/ http://localhost:5800/
ProxyPassReverse /display/ http://localhost:5800/
ProxyPass /wiki_7 ws://127.0.0.1:5801/websockify retry=3
ProxyPassReverse /wiki_7 ws://127.0.0.1:5801/websockify retry=3
ProxyPass /fileserver_6 ws://127.0.0.1:5803/websockify retry=3
ProxyPassReverse /fileserver_6 ws://127.0.0.1:5803/websockify retry=3
ProxyPass /wpg-common-pc_14 ws://127.0.0.1:5809/websockify retry=3
ProxyPassReverse /wpg-common-pc_14 ws://127.0.0.1:5809/websockify retry=3
ProxyPass / http://localhost:10000/
ProxyPassReverse / http://localhost:10000/
<Proxy *>
Order deny,allow
Allow from all
AuthType Basic
AuthName "Nexe Access"
AuthUserFile /var/www/.htpasswd
Require valid-user
</Proxy>
</VirtualHost>
|
My app runs on port 10000 (localhost only).
Is there a known issue running a wstunnel behind authorization?
Thanks,
Gerald
ps: I have gotten around the issue by running a reverse proxy on another port that does all the noVNC websocket stuff, but I don't think that's very secure. |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7373
Location: Germany, Next to Hamburg
|
| Posted: Thu 05 May '22 15:20 Post subject: |
|
|
The first thing I see is that you mix old (2.2) and new (2.4) config.
Delete "Order deny,allow" and "Allow from all" |
|
| Back to top |
|
|
|
|
|
|
