Here is a sample Location block for setting up Apache as an authentication proxy for a remote Trac install. It sets a REMOTE_USER header so that Trac does not need to worry about authentication, and rewrites the URL for the remote URL Schema.
{{{ lang=xml line=1
RewriteEngine On #< Allows Rewritin the URL with regexes
ProxyRequests Off #< Not a forward proxy
AuthType Basic
AuthName “Ticketing System”
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPBindDN “binduser@domain.com”
AuthLDAPBindPassword “I_AM_A_BIND_PASSWD”
Require valid-user
AuthLDAPURL “ldap://$LDAP_IP:389/CN=Users,DC=domain,DC=com?sAMAccountName #< You will need to modify this to fit your LDAP environment
Options FollowSymLinks
Order allow,deny
allow from all
RewriteRule /AUTH_PROXY/(.*) http://REMOTE_SERVER:8080/REMOTE_ENDPOINT/$1 [P] #< Grabs everything after /AUTH_PROXY and forwards to REMOTE_SERVER:8080/REMOTE_ENDPOINT/*
ProxyPass http://REMOTE_SERVER:8080/REMOTE_ENDPOINT #< Setup proxy
ProxyPassReverse http://172.20.228.66:443/REMOTE_ENDPOINT #< Setup proxy
RequestHeader set REMOTE_USER %{REMOTE_USER}s #< Remote user header for auth
}}}
Leave a Reply