Quoting Kyle Tucker <[EMAIL PROTECTED]>:
> The purpose of this proxy is so many remote users can access
> web-based online scientific journals to which subscription is
> based on the source IP address. I need them to gain access to
> the proxy and protect the password via SSL, then the rest of
> the access can be via non-SSL proxy. I will try to consume your
> suggestions of using two servers, but I don't see how that can
> make the browser send authentication via SSL, althought I do
> it often for directly-accessed non-proxy Apache/mod_ssl servers.
> I assume proxy auth (407) works different than normal (401) auth.
> Thanks for the input.
well in normal circumstances Id use a script to check against a database before
allowing access etc.
well to draw as I was describing:
now you have
Proxy
S1 -----------> R1(secure)
which I cant see working.
Im saying as an alternative for proxying try
Proxy
S1--->S1(secure)--------------> R1(secure)
R1 being the offsite/other server you are proxying, S1 being your server, now
having a secure option also. Of course the problem here will be certificates,
it will want the certificate from S1 and not care about S2 I believe (I
question the security sense of this).
what might be better is simply having:
S1 ------------> R1(S) with password page
|
| Redirect
|
S1 (valid)
or
S1 password page, POST set to R1
|
R1 validate and redirect -------- S1 (entry or password page)
But like I said, for simply checking the IP youd be better scripting it I
think. Not sure its helping you here but some simple ideas that might give you
some.
Nick
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
