Apologies if this isn't the proper forum. I'm trying to set up a reverse proxy in Apache 2.0.50. The reverse proxy on server1 is supposed to deliver the contents of server2 to user agents. I've set up my http.conf file like so:
ProxyPass /resource1/ http://server2/resource1/ ProxyPassReverse /resource1/ http://server2/resource1/ <Proxy *> Order deny,allow Allow from all AuthType Basic AuthName "Intranet" AuthUserFile inet_passwd Require user authuser </Proxy> So I expect that when I try to access http://server1/resource1/index.html from a user agent that cannot access server2 directly, I should be challenged for authentication by the "Intranet" realm. This indeed happens. But after entering the proper password for the user "authuser", I get a 401 response and a second WWW-Authenticate header for the realm "server2". Since server2 does not require authentication, I'm not sure where this is coming from, but I am unable to authenticate with this second request. I've tried: 1. Remove Auth* directives from the <Proxy> grouping. Result: I'm able to access http://server1/resource1/index.html with no authentication. 2. Changed the ProxyPass directive to point to another server with the Auth* directives in. Result: I'm able to access http://server1/resource1/index.html with only one authentication challenge. This suggests that server2 is generating the 401, but why would that be the case? It is not set up to require authentication. I guess my question is why am I getting this second authentication request? More importantly, how can I make it stop?
