I want to implement NTLM-based access to CUPS. CUPS doesn't support
that by itself so I've decided to make it listen strictly on
127.0.0.1 and "export" it via a local Apache's vhost using mod_proxy.
Here's my vhost setup:
---8<--[cut start]------------------------------------------------
<VirtualHost *:80>
ServerName cups.jukebox.domain007.com
ServerAlias printer.jukebox.domain007.com
ServerAdmin [EMAIL PROTECTED]
ProxyRequests off
ProxyPass / http://localhost:631/
ProxyPassReverse / http://localhost:631/
<Location />
PerlAuthenHandler +Apache2::AuthenNTLM
AuthType ntlm,basic
AuthName "Admins Only"
PerlAddVar ntdomain "DOMAIN007 rras bercut"
PerlSetVar defaultdomain DOMAIN007
PerlSetVar splitdomainprefix 0
PerlSetVar ntlmdebug 1
PerlSetVar ntlmsemtimout 10
Require valid-user
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 192.168.0.0/255.255.0.0
</Location>
---8<--[cut end]--------------------------------------------------
This works OK in two cases:
1) All AuthenNTLM stuff is commented out (and then there's no
authentication of course, but I can manage CUPS);
2) mod_proxy's stuff is commented out (and then there IS
authentication, but Apache just shows some directory index since
no proxying is performed).
Various tweakery of mod_proxy like disabling cacheing, turning ProxyVia
off and the like yielded no results.
Please help!
System info:
OS: Debian Sarge 3.1
Apache: 2.0.54 (prefork model)
mod_perl: 2.0.1
Apache2::AuthenNTLM: 0.02
