Bug 60862 - Authentication through APACHE reverse proxy
Summary: Authentication through APACHE reverse proxy
Status: RESOLVED INVALID
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_proxy (show other bugs)
Version: 2.2.15
Hardware: Sun Linux
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-03-14 09:52 UTC by Simon
Modified: 2021-01-21 19:42 UTC (History)
1 user (show)



Attachments
httpd configuration file and mod_proxy_dwa.c (30.65 KB, application/x-zip-compressed)
2017-03-14 09:52 UTC, Simon
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Simon 2017-03-14 09:52:28 UTC
Created attachment 34822 [details]
httpd configuration file and mod_proxy_dwa.c

NEED:
Implement a module for APACHE which perform authentication in place of the end user with his remote_uid (provided by Siteminder) when accessing the application.


IMPLEMENTED SOLUTION :
In the attached file "mod_proxy_dwa.c", we simulate the Siteminder remote uid by setting in the code an existing login/password : LQE/123456789

This authentication is made in a module for APACHE httpd.x86_64 2.2.15-56.el6_8.3

We try to create our own module based on mod_proxy module’s sources and add our modification in it module. Then use our own module in place of mod_proxy.
We set our login/password in the request of the URL
"https://slnxvibesdoors02.colo.fr.sopra:8443/dwa/j_acegi_security_check"



COMPILATION : 
apxs -n proxy_dwa -cia mod_proxy_dwa.c


APACHE start :
httpd -k start


PROBLEM :
The login/password set is not taken in account.
We did not succeed to replace mod_proxy by our module, some other modules depend on mod_proxy, and our module do not match, but we don’t know why.


I attach to the incident the source code of our module "mod_proxy_dwa.c" and the APACHE configuration file "httpd.conf".
Comment 1 Luca Toscano 2017-11-19 17:46:43 UTC
Hi,

please follow up on the dev@ mailing list, this doesn't seem a bug but a code review request.

Thanks!