Apache 2.4, reverse proxy, forward credentials (basic auth)

Question

I want to pass the basic authentication credentials to the reverse proxy server.

Example of how it works now: User accesses the website, Apache is configured to ask for basic auth, user enters username and password, if correct, user is connected to reverse proxy server.

Example of how I want to set up: Case 1: User accesses the website, Apache is asking for authentication, user enters correct credentials, user is connected to reverse proxy, authentication headers (user name and password) are passed to the reverse proxy server

Case 2: User accesses the website, Apace is asking for authentication, user enters WRONG credentials, Apache blocks connection.

Regards, tomari

score 2 · Answer 1 · answered Jul 19 '22 at 07:57

On my test setup this happens automatically. I didn't configure anything special

My apache config:

<VirtualHost *:80>
    ProxyPass / http://backend/
    ProxyPassReverse / http://backend/

    <Location />
        AuthType Basic
        AuthName "Restricted Files"
        AuthUserFile "/usr/local/apache2/conf/htpasswd"
        Require valid-user
    </Location>
</Virtualhost>

Calling a test.php via the reverse proxy:

array(42) {
  ["HTTP_HOST"]=>
  string(7) "backend"
[...]
  ["PHP_SELF"]=>
  string(9) "/test.php"
  ["PHP_AUTH_USER"]=>
  string(6) "gerald"
  ["PHP_AUTH_PW"]=>
  string(8) "testtest"
}

When I enter invalid credentials the request is rejected and does not reach the backend.

If it doesn't work for you you need to add more details about your setup.

Hi, thanks for the info, I tested this and it din't work for me, maybe I did something wrong. I will check again and update. — Tomari, Jul 20 '22 at 09:44

Apache 2.4, reverse proxy, forward credentials (basic auth)

1 Answers1