Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Forward Caching Proxy with selective authentication - how? |
|
| Author |
|
robinwatts
Joined: 12 Jun 2007
Posts: 2
|
 Posted: Tue 12 Jun '07 18:29 Post subject: Forward Caching Proxy with selective authentication - how? |
 |
|
Hi all,
I've got Apache 2.2.4 running as a forward proxy on an intranet. This is a prototype for a machine that will be live on the internet, and so I need to add authorisation to it, so I'm not an open proxy.
I've therefore added the following lines to my httpd.conf:
<Proxy *>
AuthType Digest
AuthName "Picsel Proxy"
AuthDigestDomain *
AuthDigestProvider file
AuthUserFile /home/robin/apache/install/conf/auth_digest
Require valid-user
</Proxy>
This is all working swimmingly.
The next thing I'd like to do though is to be able to allow *unauthorised* access to a website (or websites) of my choosing.
In the full thing, this will be the website(s) you need to connect to in order to get a username/password to be able to use the proxy for the web at large. For now, I'm using my own website (http://www.wss.co.uk/) to test this with.
I'd hoped to be able to do:
<Proxy http://www.example.com/*>
Order allow,deny
Allow from all
</Proxy>
But accesses to http://www.example.com/ still tell me they need authorisation.
Can anyone tell me what I'm doing wrong please?
Thanks,
Robin |
|
| Back to top |
|
tdonovan
Moderator
Joined: 17 Dec 2005
Posts: 611
Location: Milford, MA, USA
|
| Posted: Tue 12 Jun '07 20:33 Post subject: |
|
|
I think you want to add the Satisfy Any directive to the second <Proxy> block.
This tells Apache that either the Allow from all or the Require valid-user are sufficient to proxy to www.example.com,
because it matches both of your patterns: "*" and "http://www.example.com/*".
Without this directive, Apache would require both conditions to be satisfied.
-tom- |
|
| Back to top |
|
robinwatts
Joined: 12 Jun 2007
Posts: 2
|
| Posted: Wed 13 Jun '07 2:07 Post subject: |
|
|
| tdonovan wrote: | I think you want to add the Satisfy Any directive to the second <Proxy> block
Without this directive, Apache would require both conditions to be satisfied.
|
That's solved it. Many, many thanks!
Robin |
|
| Back to top |
|
|
|
|
|
|
