Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How can I password-protect applications behind mod_proxy in Apache?

Tags:

passwords

apache

tomcat

basic-authentication

mod-proxy

I have a number of web applications running in a Tomcat instance.

They are fronted by an Apache instance, using mod_proxy.

Each web application is a silo in and of itself, each with its own user credential store and user authentication and authorisation. I want to continue using that.

However, I would like to apply simple password protection at the Apache level - maybe just a single known username/password using Basic Auth - before the requests are forwarded on to the Tomcat instance. Is this possible? and how can this be done?

like image 623
Vihung Avatar asked May 09 '14 13:05

Vihung

People also ask

What is mod_proxy Apache?

mod_proxy , the main proxy module Apache module for redirecting connections; it allows Apache to act as a gateway to the underlying application servers.

What is ProxyPass and ProxyPassReverse in httpd conf?

The "ProxyPass" and "ProxyPassReverse" parameters are used to tell Apache how to proxy requests. They require the "mod_proxy.so" and "mod_proxy_http.so" Apache modules, which are loaded by default in RHEL5 and RHEL6, but check the following lines are uncommented in the "/etc/httpd/conf/httpd. conf" file to make sure.

1 Answers

You can do this within the <Location> directive

Example:

ProxyPass /mytomcatapp http://localhost:8080/app1

<Location /mytomcatapp>
  AuthType Basic
  AuthName "Wrapper auth"
  AuthBasicProvider file
  AuthUserFile "/path/to/users.htpasswd"
  Require valid-user
</Location>

This will give you HTTP Basic Auth when hitting yoursite.com/mytomcatapp

like image 94
arco444 Avatar answered Oct 02 '22 02:10

arco444
Sign in to Comment

Related questions

Removal of the /var/www/icons alias from Apache config [closed]
run python script as cgi apache server
configure only allow specific domains to access certain folders using .htaccess
enable gzip module on wampserver
Is Bootstrap 3.0 not working with Apache 2.4?
org.apache.http.entity.ContentType is not in Apache anymore?
DVWA setup PHP function allow_url_include: Disabled
Enable mod_headers in Apache in Windows
Why does Apache complain that my mod_perl program "disconnect invalidates 1 active statement handle"?
set charset in rails application
SVN errorcode=2 Could not open the requested SVN filesystem
apache - how to override index of /icons?
htaccess to rewrite wordpress subdirectory with permalinks to root
.htaccess Redirect to specific webpage based on browser
What is the precedence of multiple mod_rewrite rules in multiple .htaccess files? [closed]
Content-Security-Policy Invalid Command
Mod_rewrite check if php file exists
What is the difference between apache camel multicast and recipent-list patterns?
Analyzing high WSGI/Response time data of django with mod_wsgi on NewRelic
How is the SSL client certificate chosen when there are multiple matching certificates?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!