有没有办法配置mod_auth_openidc以执行类似基本身份验证的操作,而不是重定向到auth提供程序(在我的情况下为Okta)进行登录?
我在反向代理上设置mod_auth_openidc,但我保护的API不受那些无法处理比基本身份验证更复杂的服务所访问的API的保护。
答案 0 :(得分:0)
You should be able to statically add a header that provides the required Basic authentication information as documented in Apache2 Reverse Proxy to an end-point that requires BasicAuth but want to hide this from user
So it would look something like:
RequestHeader set Authorization "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="