Hi folks, I have a web app (served by Tomcat) that was intended for intranet use. As such I assume that the security is only basic and it is not suitable for facing the public internet. When seeking a product to stand between my app and the world, haproxy was recommended to me. I understand that this is not the primary function of haproxy so if anyone can suggest a product more suitable (open or commercial), then I'm all ears.
I have spoken briefly with Willy who has very kindly set me on the right track for a couple of issues but I'm still not grokking haproxy yet. I have the following set in my haproxy.cfg. haproxy is correctly proxying my application but I am not challenged for a password at any point. Would someone kindly point out where I have made errors? Also, Willy suggested that I could use haproxy 1.5(dev) to harden the connection, preventing brute force attacks and the like. I have reviewed the configuration.txt file and most of the concepts are foreign to me. Has anyone a sample config file for this purpose they would share? Thanks, Sean userlist L1 group G1 users sean user sean insecure-password abc123 backend sleds mode http acl auth_ok http_auth(L1) G1 http-request auth unless auth_ok timeout connect 10s timeout server 30s balance roundrobin server sled1 127.0.0.1:10001 weight 1 maxconn 512 frontend http_proxy #arbitrary name for the frontend bind :80 #all interfaces at port 80 mode http option forwardfor option http-server-close option http-pretend-keepalive default_backend sleds #by default forward the requests to sled