Apache Reverse Proxy w/ URL Rewrite & REMOTE_USER Header

Here is a sample Location block for setting up Apache as an authentication proxy for a remote Trac install. It sets a REMOTE_USER header so that Trac does not need to worry about authentication, and rewrites the URL for the remote URL Schema.
{{{ lang=xml line=1
RewriteEngine On #< Allows Rewritin the URL with regexes ProxyRequests Off #< Not a forward proxy
AuthType Basic
AuthName “Ticketing System”
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPBindDN “binduser@domain.com”
AuthLDAPBindPassword “I_AM_A_BIND_PASSWD”
Require valid-user
AuthLDAPURL “ldap://$LDAP_IP:389/CN=Users,DC=domain,DC=com?sAMAccountName #< You will need to modify this to fit your LDAP environment Options FollowSymLinks Order allow,deny allow from all RewriteRule /AUTH_PROXY/(.*) http://REMOTE_SERVER:8080/REMOTE_ENDPOINT/$1 [P] #< Grabs everything after /AUTH_PROXY and forwards to REMOTE_SERVER:8080/REMOTE_ENDPOINT/* ProxyPass http://REMOTE_SERVER:8080/REMOTE_ENDPOINT #< Setup proxy ProxyPassReverse http://172.20.228.66:443/REMOTE_ENDPOINT #< Setup proxy RequestHeader set REMOTE_USER %{REMOTE_USER}s #< Remote user header for auth

}}}


Posted

in

,

by

Tags:

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *