Apache-2.2
轉發代理使用者身份驗證不起作用
我有一個簡單的轉發代理,需要進行使用者身份驗證和 IP 地址白名單。我在下面創建了虛擬主機:
ProxyRequests On ProxyVia On <Proxy xx.xxx.xx.xxx:8888> Order deny,allow Allow from xx.xxx.xx.xxx Allow from xx.xxx.xx.xxx Allow from xx.xxx.xx.xxx Allow from xx.xxx.xx.xxx AuthType Basic AuthName "Password Required for Proxy" AuthUserFile /etc/apache2/.proxyhtpasswd Require user </Proxy>
代理本身工作正常,但使用者身份驗證和允許 IP 卻不行。我更改了 10 次配置,即使只有 Auth 塊,它仍然可以工作,而無需使用(有效)使用者/密碼或擁有正確的 IP 地址。
我還嘗試通過普通的 VirtualHost 配置來配置它,但仍然沒有成功:
<VirtualHost xx.xxx.xx.xxx:8888> ProxyRequests On ProxyVia On SSLProxyEngine On <Location /> Order Deny,Allow Deny from all Allow from xx.xxx.xx.xxx Allow from xx.xxx.xx.xxx Allow from xx.xxx.xx.xxx Allow from xx.xxx.xx.xxx AuthType Basic AuthBasicProvider file AuthName "Password Required for Proxy" AuthUserFile /etc/apache2/.proxyhtpasswd Require valid-user </Location> </VirtualHost>
我通過在 VirtualHost 指令中組合 Proxy 指令解決了這個問題。
<VirtualHost xx.xxx.xx.xxx:8888> ProxyRequests On ProxyVia On SSLProxyEngine On <Proxy *> Order Deny,Allow Deny from all Allow from xx.xxx.xx.xxx Allow from xx.xxx.xx.xxx Allow from xx.xxx.xx.xxx Allow from xx.xxx.xx.xxx AuthType Basic AuthBasicProvider file AuthName "Password Required for Proxy" AuthUserFile /etc/apache2/.proxyhtpasswd Require valid-user </Proxy> LogLevel warn ErrorLog ${APACHE_LOG_DIR}/proxy-error.log CustomLog ${APACHE_LOG_DIR}/proxy-access.log combined </VirtualHost>
我認為要麼
Require valid-user
或者
Require user [theusername]
但不是
Require user
請參閱:http ://httpd.apache.org/docs/current/mod/core.html#require