Bug 60862

Summary: Authentication through APACHE reverse proxy
Product: Apache httpd-2 Reporter: Simon <simon.grimal>
Component: mod_proxyAssignee: Apache HTTPD Bugs Mailing List <bugs>
Status: RESOLVED INVALID    
Severity: normal CC: julie.farkouh
Priority: P2    
Version: 2.2.15   
Target Milestone: ---   
Hardware: Sun   
OS: Linux   
Attachments: httpd configuration file and mod_proxy_dwa.c

Description Simon 2017-03-14 09:52:28 UTC 
Created attachment 34822 [details]
httpd configuration file and mod_proxy_dwa.c

NEED:
Implement a module for APACHE which perform authentication in place of the end user with his remote_uid (provided by Siteminder) when accessing the application.


IMPLEMENTED SOLUTION :
In the attached file "mod_proxy_dwa.c", we simulate the Siteminder remote uid by setting in the code an existing login/password : LQE/123456789

This authentication is made in a module for APACHE httpd.x86_64 2.2.15-56.el6_8.3

We try to create our own module based on mod_proxy module’s sources and add our modification in it module. Then use our own module in place of mod_proxy.
We set our login/password in the request of the URL
"https://slnxvibesdoors02.colo.fr.sopra:8443/dwa/j_acegi_security_check"



COMPILATION : 
apxs -n proxy_dwa -cia mod_proxy_dwa.c


APACHE start :
httpd -k start


PROBLEM :
The login/password set is not taken in account.
We did not succeed to replace mod_proxy by our module, some other modules depend on mod_proxy, and our module do not match, but we don’t know why.


I attach to the incident the source code of our module "mod_proxy_dwa.c" and the APACHE configuration file "httpd.conf".
Comment 1 Luca Toscano 2017-11-19 17:46:43 UTC 
Hi,

please follow up on the dev@ mailing list, this doesn't seem a bug but a code review request.

Thanks!