Greetings,
I am a little challenged on setting up mod_digest in HTTPD to authenticate
one particular URI before ProxyPass'ing it on to Tomcat. My directives are
not working:
-----------httpd.conf snippet:-------
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile ServerCertificate.cer
SSLCertificateKeyFile Serverkey.key
<Location /sites/secure/>
AuthType Digest
AuthName "Password Required"
AuthDigestDomain /sites/secure/
AuthDigestProvider file
AuthUserFile /var/www/mypass.file
AuthGroupFile /var/www/mygroup.file
Require group secure
</Location>
SSLProxyEngine On
ProxyPass / https://server.domain.com:7443/
ProxyPassReverse / https://server.domain.com:7443/
------------End of httpd.conf snippet----------
(I plan to ProxyPass to Tomcat's HTTP connector to avoid a double SSL
overhead; but for now, it goes to Tomcat's SSL connector).
With this setup, all URIs go straight to Tomcat and "/sites/secure" does
not get authenticated.
Should I have two Location stanzas with individual ProxyPass directives? I
wanted to keep the directives minimal.
Thanks,
-Shanti
