How? - Restrict access to Apache Proxy

How? - Restrict access to Apache Proxy

Post by MGON » Fri, 12 Sep 1997 04:00:00



Bit of a 'newbie' Apache Server question to anyone who might know:

 Is it possible to only allow certain users to use/access the proxy and
 caching feature of Apache (assuming the proxy module was compiled in)?

 ie. Are there any config options to do this or would I have to write
 a new module?


the newsgroup).

 
 
 

1. Problems trying to restrict access or require authorization for Apache PassProxy proxy server usage

I am attempting to use Apache 1.3.3 on UnixWare 7 as a non-caching proxy
server and would like to restrict access or require authorization for
requests to this proxy. Access is to be granted to users from subnet
192.168.0. Users from outside this subnet are to be prompted for a user name
and password which will be checked against a file of valid users and
passwords.

I configured Apache with

./configure --prefix=/usr/local/apache --enable-module=proxy

Following are the relevant portions of my httpd.conf file:

ProxyRequests On
Listen 9100
<VirtualHost 192.168.0.12:9100>
ServerName www.foobar.org
<Directory proxy:*>
AuthName "foobar"
AuthType Basic
AuthUserFile /usr/local/apache/etc/PASSWD
order deny,allow
deny from all
allow from 192.168.0
require valid-user
Satisfy any
</Directory>
ProxyPass / http://www.encyclopedia.com/
ProxyPassReverse / http://www.encyclopedia.com/
</VirtualHost>

If I turn off the authorization checks, the proxy is working fine.  If I
turn on the authorization checks, I can connect fine from the 192.168.0
subnet. But if if I connect from outside the 192.168.0 subnet, I receive no
prompt for username and password but receive the following message in the
browser :

HTTP/1.0 407 Proxy Authentication Required
Date: Fri, 15 Jan 1999 08:34:58 GMT
Server: Apache/1.3.3 (Unix)
Proxy-Authenticate: Basic realm="foobar"
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>407 Proxy Authentication Required</TITLE>
</HEAD><BODY>
<H1>Proxy Authentication Required</H1>
This server could not verify that you
are authorized to access the document you
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.<P>
<HR>
<ADDRESS>Apache/1.3.3 Server at www.foobar.org Port 9100</ADDRESS>
</BODY></HTML>

The results are the same with either the Netscape 4.5 or IE 4.0 browser.

Does anyone have suggestions on how to achieve the desired results?

Thanks for your help!
-Mark Schwenk

2. Taxan mono vid. card & XFree

3. restricting access with apache as proxy

4. Autodisconnect on exit

5. Apache proxy: How do I restrict external access to it?

6. lost HACMP Heartbeat

7. Apache 1.1.1: Any way to restrict proxy access to certain cites only?

8. Hosting my website

9. Apache with restricted access and proxies

10. Apache with access control vs proxy (Not apache AS proxy)

11. restricted proxy access in CERN httpd

12. Restrict Proxy Access?

13. Restrict Access to URLs in Netscape Proxy Server 3.5