We have a site using Windows authentication sitting behind a firewall that we are accessing through ProxyPass. We then need to access an API application on the same server, but are receiving a 401 unauthorized error when using rewrite_proxy rules when we try to access it. How can we pass the credentials for authentication?

To perform the initial redirect from the secure server to the internal application server:

In the https.conf file:

    ProxyPass /blastdev/ http://10.0.212.198/blastdev/

This seems to be working correctly and is loading the content on the page until we reach the api calls:

In the .htaccess file:

    RewriteCond %{REQUEST_URI} ^/blastdev/blast(.*)
    RewriteHeader X-Remote-User: .* %{REMOTE_USER}
    RewriteHeader X-Logon-User: .* %{LOGON_USER}
    RewriteHeader AUTH_TYPE: .* %{AUTH_TYPE}
    RewriteProxy ^/blast/(.*)$ http://10.0.212.198/blast/$1 [NC, A, CR] 

simply to try to show any user information. All fields are showing blank though.

Here are the headers we are currently sending:

    Headers:
    'Cache-Control'='no-cache'
    'Pragma'='no-cache'
    'Expires'='Sat, 01 Jan 2000 00:00:00 GMT'
    'Accept'='application/json, text/plain, */*'
    'Accept-Encoding'='gzip, deflate'
    'Accept-Language'='en-US,en;q=0.9'
    'Referer'='http://dev.*******.com/blastdev/'
    'User-Agent'='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36'
    'X-REQUEST-URI'='/blastdev/blast/api/usermanager/'
    'X-Rewrite-Url'='/blastdev/blast/api/usermanager/'
    'X-Original-Url'='/blastdev/blast/api/usermanager/'
    'X-logio_http_input_size'='0'
    'X-logio_request_headers_size'='746'
    'X-Remote-User'=''
    'X-Logon-User'=''
    'AUTH_TYPE'=''
    'Max-Forwards'='10'
    'X-Forwarded-Host'='dev.*******.com'
    'X-Forwarded-For'='10.1.13.42'
    'X-Forwarded-Server'='10.0.90.54'

We need to be able to access the current user if they are AD authenticated and see that they are anonymous if not.

Any additional assistance in tests we can run for further troubleshooting would also be appreciated.

DDube