Apache PROXYPASS, NEGATIVE PROXYPASS AND AUTH_BASIC
Today i had to face a weird problem with Apache 2. I wanted to setup a webmail on the SAME virtualhost that i was using to proxy to another host.
Here’s a summary of my configuration:
Alias /mail /var/lib/roundcube/
Options Indexes Includes FollowSymLinks
AuthName “Protected Folder”
Allow from all
ProxyPass /mail/ !
ProxyPass / http://0.0.0.0/ ttl=60 retry=0 status=I keepalive=on timeout=2500 disablereuse=on
The problem is that the auth_basic wasn’t working correctly in this setup, Apache was answering with a 200 instead of a 401 message, which prevented the browser from understanding it was actually an authentication..
But this config was working fine without the auth, the webmail was working. And it was working fine with auth but no proxypass.
So what was wrong?! Thanks to the guys @freenode i discovered that Apache was proxying the requests to custom errors in /error/ (as i uncommented the custom errors in apache2.conf). The solution was to add:
ProxyPass /error/ !
Turn loglevel to debug in case you have a similar issue, in my case i could read this:
[Fri Mar 04 15:44:36 2011] [debug] mod_proxy_http.c(56): proxy: HTTP: canonicalising URL //10.10.10.10/error/HTTP_UNAUTHORIZED.html.var
[Fri Mar 04 15:44:36 2011] [debug] proxy_util.c(1506): [client 220.127.116.11] proxy: http: found worker http://10.10.10.10/ for http://10.10.10.10/error/HTTP_UNAUTHORIZED.html.var
Hope it helps.