Topic: Apache proxy to SP can't log in after fixing 401 error

[comert]

I have apache 2.2 on Linux going through the a firewall to a backend sharepoint server. My sharepoint application has anonymous and authenticated traffic. This works fine most of the time but we randomly get (104)Connection reset by peer: proxy: error reading status line from remote server. I was able to fix this by adding *SetEnv force-proxy-request-1.0 1 *SetEnv proxy-nokeepalive 1 *RequestHeader unset Expect early But after I added this I was then no longer able to log in. I would receive a *HTTP/1.1" 401 my understanding is KeepAlive is required for NTLM to work so I need some help making sure I can stop the connection resets which are unacceptable and still allow the authenticated users to log in.

[James Blond]

That is an error of the backend server, not apache. Apache just tells you that it can't connect to the backend server aka not reachable or the backend server is too busy.

[comert]

The bad gateway or the (104)Connection reset by peer error seems to be a a conflict between the HTTP keepalive of Apache and IIS and the way to fix it was add the settings I added
SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1
SetEnv proxy-initial-not-pooled 1

and it did in fact fix the problem but when I did this it broke the NTLM so I guess my question is... is there another way to fix 104 or badgateway errors? Surely others who use an Apache proxy server to an IIS backend server have gotten around this issue.

[James Blond]

Which module do you use to connect to LDAP or NTLM?

[comert]

Not sure exactly what you are asking, but NTLM on the backend IIS server is handled with the Windows Authorization option and on apache proxy server I am using mod_proxy, mod_proxy_ssl, etc., is that what you were wanting to know?