Menu
I want to add basic authentication for a reverse proxy site of Apache running on Ubuntu server 12.04.1.
The web application is Jenkins that is running on a Java EE container.
I added below configurations in httpd.conf,
ProxyPass /jenkins/ http://localhost:8080/jenkins/¬
ProxyPassReverse /jenkins/ http://localhost:8080/jenkins/¬
ProxyRequests Off¬
ProxyPreserveHost On¬
¬
<Proxy http://localhost:8080/jenkins*>¬
Order deny,allow¬
Deny from all¬
▸ AllowOverride AuthConfig¬
▸ AuthType Basic¬
AuthName "jenkins"¬
▸ AuthBasicProvider file¬
AuthUserFile /etc/apache2/passfile¬
▸ Require valid-user¬
▸ Satisfy any¬
</Proxy>
When I used wrong password or non-exist username for authentication, I can find below messages in error.log of apache,
[Sat Oct 27 17:51:59 2012] [error] [client 222.128.175.95] user kane: authentication failure for "/jenkins/": Password Mismatch [Sat Oct 27 17:52:04 2012] [error] [client 222.128.175.95] user Aladdin not found: /jenkins/
There is no message will be logged when using right user and password in passfile. Though I input right user and password in web browser, the authentication dialog will prompt again. I also found below output in access.log of apache,
222.128.175.95 - kane [27/Oct/2012:17:39:54 +0800] "GET /jenkins/ HTTP/1.1" 401 794 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
Does anybody know how to make it work? Thanks.
632
Introduction. The reverse proxy can be used to authenticate and authorize requests before they are proxied to the destination servers. This can reduce load on the destination servers, add a layer of protection, and ensure consistent policies are implemented across your applications.
In addition to being a "basic" web server, and providing static and dynamic content to end-users, Apache httpd (as well as most other web servers) can also act as a reverse proxy server, also-known-as a "gateway" server.
Do you have authentication enabled on Jenkins as well? See this link: https://wiki.jenkins-ci.org/display/JENKINS/Apache+frontend+for+security for instructions on setting this up.
Particularly note the line which says that you cannot have security enabled in Jenkins and Apache simultaneously as the two will conflict, causing the infinite prompt you are seeing. Unfortunately you have to choose one or the other.
Also see this link for a more general discussion of Apache + Jenkins setup: https://wiki.jenkins-ci.org/display/JENKINS/Running+Jenkins+behind+Apache
150
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
