Bug #2015
access control not working if proxypass is used.
0%
Description
just tested with both proxypass and manually installed webapp, proxypass seems to bypass access control.
htpasswd isn't being used at all.
example config:
<VirtualHost *:80> ServerName couchpotato ServerAlias couchpotato.domain.com ProxyPass / http://localhost:5050/ ProxyPassReverse / http://localhost:5050/ DocumentRoot /var/hda/web-apps/couchpotato/html <Directory "/var/hda/web-apps/couchpotato/html"> Options Indexes FollowSymLinks MultiViews <If "-s '/var/hda/web-apps/couchpotato/htpasswd'"> AuthType Basic AuthName "User Login Required for This Area" AuthUserFile /var/hda/web-apps/couchpotato/htpasswd Require valid-user </If> <Else> AllowOverride AuthConfig Require all granted </Else> </Directory> ErrorLog /var/hda/web-apps/couchpotato/logs/error_log CustomLog /var/hda/web-apps/couchpotato/logs/access_log combined env=!dontlog </VirtualHost>
History
#1 Updated by cpg almost 5 years ago
- Description updated (diff)
- Status changed from New to Assigned
- Assignee set to dano5
It does look like a bug. When you have a moment, could you make sure the htpasswd file is correct, please?
#2 Updated by dano5 almost 5 years ago
cpg wrote:
It does look like a bug. When you have a moment, could you make sure the htpasswd file is correct, please?
we found a solution, but it requires some modification as to how the apache config files are modified/created.
example on working conf file with proxypass and working htpasswd
<VirtualHost *:80> ServerName couchpotato ServerAlias couchpotato.domain.com #DocumentRoot /var/hda/web-apps/couchpotato/html <Location "/"> Options Indexes FollowSymLinks MultiViews <If "-s '/etc/httpd/conf.d/htpasswd'"> AuthType Basic AuthName "User Login Required for This Area" AuthUserFile /etc/httpd/conf.d/htpasswd Require valid-user </If> <Else> AllowOverride AuthConfig Require all granted </Else> ProxyPass http://localhost:8084/ Keepalive=On ProxyPassReverse http://localhost:8084/ </Location> ErrorLog /var/hda/web-apps/couchpotato/logs/error_log CustomLog /var/hda/web-apps/couchpotato/logs/access_log combined env=!dontlog </VirtualHost>
working solution is to use location block instead of directory and insert proxypass settings as in example inside the location block under the other settings.
no idea on if it's possible to fix this in amahi code at all?
Also available in: Atom