I'm configuring Apache Traffic server as a proxy to be used as an intermediator between clients and one external API.
I need to implement a custom authentication service to be used together the AuthProxy plugin as discribed in documentation below:
I've configured the remap.config with the below lines:
regex_map http://(.*) http://$1 \
@plugin=authproxy.so @pparam=--auth-transform=redirect @pparam=--auth-host=127.0.0.1 @pparam=--auth-port=5000
regex_map https://(.*) https://$1 \
@plugin=authproxy.so @pparam=--auth-transform=redirect @pparam=--auth-host=127.0.0.1 @pparam=--auth-port=5000
When I make an HTTP request, everything works as expected. The client call the proxy, the proxy call the auth server in 5000 port, and then return 200 (when pass in auth).
curl -I http://www.google.com -x http://127.0.0.1:8080 -H "token: abc"
Response:
HTTP/1.1 200 OK
Content-Type: text/html; charset=ISO-8859-1
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Date: Thu, 16 Mar 2023 19:45:24 GMT
Server: ATS/9.1.1
X-XSS-Protection: 0
But when I use the HTTPS, the same request not works. The client call the proxy, I can see it at the logs, but the auth plugin is not called.
curl -I https://www.google.com -x http://127.0.0.1:8080 -H "token: abc"
Response:
HTTP/1.1 403 Tunnel Forbidden
Date: Thu, 16 Mar 2023 19:45:46 GMT
Proxy-Connection: close
Server: ATS/9.1.1
Cache-Control: no-store
Content-Type: text/plain
Content-Language: en
Content-Length: 14
curl: (56) Received HTTP code 403 from proxy after CONNECT
Some idea about what's wrong in my configuration or what can I do to Apache Traffic Server authenticate HTTPS requests with my custom auth service?
