mod_proxy: passing REMOTE_USER in request header
2 posts
• Page 1 of 1
mod_proxy: passing REMOTE_USER in request header
Greetings,
I'm running Helicon Ape 3.1.0.256 on Windows Server 2012r2. My goal is to use this Windows server with IIS and Helicon Ape to authenticate users with Windows Integrated Authentication, and then proxy/load balance the connections to multiple back-end linux servers running perl applications in Starman, and I would also like to use mod_mem_cache to cache static files. Since the user is authenticated on the Windows/IIS server, it needs to pass the REMOTE_USER value to the back-end servers in a request header.
For my first test, I added this to my .htaccess file:
This works, and the correctly passes the authentication headers, but it doesn't provide load balancing across multiple back-end servers based on response time.
For my second test, I'm trying to use mod_proxy, so I've added this to http.conf:
In the second test, the proxying works, but I cannot get REMOTE_USER passed to the back-end in the request header.
Any ideas how I can achieve this?
Thanks,
Troy
I'm running Helicon Ape 3.1.0.256 on Windows Server 2012r2. My goal is to use this Windows server with IIS and Helicon Ape to authenticate users with Windows Integrated Authentication, and then proxy/load balance the connections to multiple back-end linux servers running perl applications in Starman, and I would also like to use mod_mem_cache to cache static files. Since the user is authenticated on the Windows/IIS server, it needs to pass the REMOTE_USER value to the back-end servers in a request header.
For my first test, I added this to my .htaccess file:
- Code: Select all
RewriteEngine on
RewriteBase /
RewriteProxy ^(.+)$ http://10.10.10.145:8080/$1 [A]
This works, and the correctly passes the authentication headers, but it doesn't provide load balancing across multiple back-end servers based on response time.
For my second test, I'm trying to use mod_proxy, so I've added this to http.conf:
- Code: Select all
<VirtualHost proxytest2.mydomain.local>
RequestHeader set X-Proxy-REMOTE-USER %{REMOTE_USER}e
ProxyPass / balancer://cluster/
ProxyPassReverse / balancer://cluster/
<Proxy balancer://cluster>
# describe application balancer members
BalancerMember http://10.10.10.145:8080/
BalancerMember http://10.10.10.146:8080/
</Proxy>
# enable reversing of domain in Set-Cookie headers
ProxyPassReverseCookieDomain 10.10.10.145 proxytest2.mydomain.local
ProxyPassReverseCookieDomain 10.10.10.146 proxytest2.mydomain.local
ProxyPassReverseCookiePath / /
</VirtualHost>
In the second test, the proxying works, but I cannot get REMOTE_USER passed to the back-end in the request header.
Any ideas how I can achieve this?
Thanks,
Troy
Re: mod_proxy: passing REMOTE_USER in request header
Hello.
Try to use mod_rewrite's RewriteHeader instead mod_header does not really have access to server variables.
Try to use mod_rewrite's RewriteHeader instead mod_header does not really have access to server variables.
- Code: Select all
<VirtualHost proxytest2.mydomain.local>
RewriteEngine On
RewriteHeader X-Proxy-REMOTE-USER: .? %{REMOTE_USER}
ProxyPass / balancer://cluster/
ProxyPassReverse / balancer://cluster/
<Proxy balancer://cluster>
# describe application balancer members
BalancerMember http://10.10.10.145:8080/
BalancerMember http://10.10.10.146:8080/
</Proxy>
# enable reversing of domain in Set-Cookie headers
ProxyPassReverseCookieDomain 10.10.10.145 proxytest2.mydomain.local
ProxyPassReverseCookieDomain 10.10.10.146 proxytest2.mydomain.local
ProxyPassReverseCookiePath / /
</VirtualHost>
2 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 7 guests