Apache-2.2

禁用反向代理的身份驗證摘要

  • July 17, 2014

我在我的一個域上設置了摘要身份驗證,但我想為反向代理禁用它。

<VirtualHost *:80>
   ServerName example.org
   DocumentRoot /var/www/
   <Directory /var/www/>
           BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
           AuthType Digest
           AuthName "Internal"
           AuthDigestDomain http://example.org/
           AuthDigestProvider file
           AuthUserFile /etc/apache2/example.digest
           Require valid-user

           Options FollowSymLinks MultiViews
           AllowOverride All
           Order allow,deny
           allow from all
   </Directory>

   ExpiresActive On
   ExpiresDefault "access plus 7 days"

   ProxyRequests Off
   ProxyPreserveHost On
   ProxyPass /api/ http://api.otherdomain.com/ retry=0 nocanon
   ProxyPassReverse /api/ http://api.otherdomain.com/
   AllowEncodedSlashes On

   <Proxy *>
       Order allow,deny
       Satisfy Any
       Allow from all
   </Proxy>

如您所見,我沒有成功嘗試使用<Proxy>塊來滿足任何要求。

我認為您通過將反向代理配置放在<Location>標籤中並利用 Apache 如何在內部合併指令和設置優先級來以一種非常通用的方式解決您的問題。

<Location>指令最後應用,應該推翻<Directory>指令。

<VirtualHost *:80>
   ServerName example.org
   DocumentRoot /var/www/
   <Directory /var/www/>
           BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
           AuthType Digest
           AuthName "Internal"
           AuthDigestDomain http://example.org/
           AuthDigestProvider file
           AuthUserFile /etc/apache2/example.digest
           Require valid-user

           Options FollowSymLinks MultiViews
           AllowOverride All

   </Directory>

   ExpiresActive On
   ExpiresDefault "access plus 7 days"

   <Location /api/>   
           Order allow,deny
           Allow from all

           ProxyPreserveHost On
           ProxyPass http://api.otherdomain.com/ retry=0 nocanon
           ProxyPassReverse http://api.otherdomain.com/
           AllowEncodedSlashes On
   </Location> 
</VirtalHost>

從 Apache 2.3 開始,您可以使用授權容器來表達更複雜的授權邏輯。

引用自:https://serverfault.com/questions/613240