Re: [users@httpd] Authenticating Proxy Server

Thu, 17 Apr 2008 02:08:03 -0700

Try using NTLM which provides some level of security or else try digest authentication using mod_auth_digest 

Roy Pearce wrote:

Hi Nils,

Thanks for your reply.
Our proxy server is a forward proxy server, not a reverse one so I haven't used the ProxyPass and ProxyPassReverse directives.
I replicated the (forward) proxy server, added SSL and changed the port to 443. The browser was configured to use this authenticating proxy server. The browser appears not to like talking to an SSL-enabled proxy server. Doing this was a stab in the dark! 
A guess, if you like and it's possibly a forlorn hope.
Are there other ways to transmit the credentials in an encrypted manner rather than in plain text? 

Regards,

Roy

Nils Jeppe wrote:


On 15.04.2008, at 13:22, Roy Pearce wrote:
I have tried using an ssl-enabled authenticating proxy server but this confuses the browser as it attempts to talk http to an https server.
Mh, why is this? I don't have experience with mod_auth_radius, but I'd expect it to work similarily to all the other mod_auth_* modules, that is, internally in Apache and not exposed to the user. So it shouldn't be the cause...
For the proxy I assume you use the normal ProxyPass / ProxyPass reverse combination? 



Best wishes
Nils


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project. 
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project. 
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to