Question

我有一个Apache代理服务器为客户端提供ssl服务。然后，Apache代理一个普通的http tomcat服务器。

Listen 7777
<VirtualHost *:7777>
    ServerName my.server.com

    SSLEngine on
    SSLCertificateFile /some.crt
    SSLCertificateKeyFile /some.pem
    SSLProxyEngine on

    # Replace HTTP response headers (http to https)
    Header edit Location ^http:(.*)$ https:$1

    ProxyRequests off
    ProxyPreserveHost On
    <Proxy *>
            Order deny,allow
            Allow from all
    </Proxy>

    ProxyPass / http://my.server.com:8888/
    ProxyPassReverse / http://my.server.com:8888/

    <Location />
            Order allow,deny
            Allow from all
    </Location>
</VirtualHost>

一切正常但我访问时

https://my.server.com:7777/jmx-console

我得到了

http status 403 Access to the specified resource () has been forbidden.

如果我直接访问后端

http://my.server.com:8888/jmx-console

我获得了基本身份验证对话框

我希望Apache能够显示tomcat的后端基本身份验证对话框。我错过了什么？

Answer 1

也许你需要使用'proxy-chain-auth'：

SetEnv proxy-chain-auth On
AuthType basic
AuthBasicAuthoritative Off

使用ssl的Apache代理不会从后端显示basicauth对话框

1 个答案: