Forum Moderators: phranque

user credentials with mod rewrite

preventing creds from apache-auth getting passed to the appl. behind proxy

         

tschakka

1:01 pm on May 30, 2008 (gmt 0)

10+ Year Member



Hi,

I've set up apache with mod_rewrite and mod_proxy to reverse proxy some webservers in the intranet. The webservers are lotus domino. People can authenticate against apache with a Basic authentication and provide their credentials from domino directory (LDAP).

This works fine so far. Apache passes the credentials to e.g. our mail server and I'm already authenticated without. With our mail server this behavior is desired.

The problem is that this is the same on our development servers. The users enter their cred to the apache authentication and are logged into the domino web application. In this situation this isn't desired because an anonymous login is required for some testing. I can't even log out because apache passes the credentials again and the page reloads with the auth. user.

Is there any way to authenticate against apache without passing the cred to the domino web server?

jdMorgan

4:07 pm on May 30, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



The simplest approach might be to give the Domino server a separate local domain name for anonymous testing, since the browser will only send auth credentials to the domain that they apply to. See also the ProxyDomain directive in Apache mod_proxy.

Jim

tschakka

9:01 pm on May 30, 2008 (gmt 0)

10+ Year Member



Hi Jim,

Thanks for your quick reply. I've just tested the ProxyDomain directive. I have set a host entry in my clients and proxy server localhost settings with another domain name. But it didn't work as expected.

Is there any other way to avoid that the credentials are passed to the backend application?

Ben

jdMorgan

9:26 pm on May 30, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



The simplest approach might be to give the Domino server a separate local domain name for anonymous testing, since the browser will only send auth credentials to the domain that they apply to.

tschakka

10:45 am on Jun 4, 2008 (gmt 0)

10+ Year Member



Hi Jim,

thanks for your help.

The apache docs tell something different for the usage of the ProxyDomain directive. The local domain addresses for every development host weren't really a practical solution.

So I searched a bit more for the right directive and at least I found it.

With the directive

RequestHeader unset authorization

I was finally able to delete the auth header. Now I have one virtual host for proxying web apps with auth. and one VHost w/o auth pass through. It works exactly as desired.

Regards,
Ben
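
The two-virtual-host layout described in the post above, sketched as an added example (not the poster's actual configuration). Host names, the LDAP URL and the backend addresses are constructed placeholders, and the auth directives assume Apache 2.2+ with mod_authnz_ldap, mod_proxy_http and mod_headers loaded.

```apache
# Added example: all names below are constructed placeholders.
# Apache 2.2 also needs "NameVirtualHost *:80" for name-based vhosts.

# VHost 1: pass-through. The browser's Authorization header reaches
# Domino, so the user is logged in to the backend as well (mail server).
<VirtualHost *:80>
    ServerName mail.proxy.example.internal
    ProxyRequests Off
    ProxyPass        / http://domino-mail.example.internal/
    ProxyPassReverse / http://domino-mail.example.internal/

    <Location />
        AuthType Basic
        AuthName "Intranet"
        AuthBasicProvider ldap
        AuthLDAPURL "ldap://ldap.example.internal/o=Example?uid"
        Require valid-user
    </Location>
</VirtualHost>

# VHost 2: Apache still authenticates the user, but the credentials
# are removed before the request is forwarded, so Domino sees an
# anonymous request (development servers).
<VirtualHost *:80>
    ServerName dev.proxy.example.internal
    ProxyRequests Off
    ProxyPass        / http://domino-dev.example.internal/
    ProxyPassReverse / http://domino-dev.example.internal/

    <Location />
        AuthType Basic
        AuthName "Intranet"
        AuthBasicProvider ldap
        AuthLDAPURL "ldap://ldap.example.internal/o=Example?uid"
        Require valid-user
    </Location>

    # Default (late) processing runs after Apache's own auth check.
    # Do not add the "early" keyword here: the header would then be
    # removed before authentication and every request would get a 401.
    RequestHeader unset Authorization
</VirtualHost>
```

Because Basic credentials are base64-encoded username and password, stripping the header on the second virtual host also keeps the users' directory passwords away from the development backends.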

jdMorgan

2:37 pm on Jun 4, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Cheers -- I hadn't actually seen that directive before. It's new for Apache 2.0, and isn't present for 1.3.

Glad you got it working!

Jim