PHWinfo - Afficher un message - Getting Allow from credentials from a header.

16/03/2005, 14h59

Andy Davidson <$andy$@nosignal.org> writes:
> i.e. we want the same list of IP addresses in the <Location> tags,
> but we want apache to look at a header for the IP info, not the
> source requests (which will always be the reverse proxy.)
>
> Any ideas on how this can be done ?

Look up mod_rpaf for Apache. This rewrites the remote address to be
the address in the header, *if* the original remote address is in a
trusted list.

It (in Apache 1, at least - I didn't look at the Apache 2 version) is
a very large hack, so there may be side-effects, but we managed to run
it in production for several months without serious problems. There
were other authentication-related issues, but provided you *only*
proxy and don't cache too, they won't bite you.

--
Chris

16/03/2005, 14h59	#2
Chris Morris Messages: n/a Hébergeur:	Re: Getting Allow from credentials from a header. Andy Davidson <$andy$@nosignal.org> writes: > i.e. we want the same list of IP addresses in the <Location> tags, > but we want apache to look at a header for the IP info, not the > source requests (which will always be the reverse proxy.) > > Any ideas on how this can be done ? Look up mod_rpaf for Apache. This rewrites the remote address to be the address in the header, if the original remote address is in a trusted list. It (in Apache 1, at least - I didn't look at the Apache 2 version) is a very large hack, so there may be side-effects, but we managed to run it in production for several months without serious problems. There were other authentication-related issues, but provided you only proxy and don't cache too, they won't bite you. -- Chris