Re: [users@httpd] Apache Reverse Proxy and NTLM Authentication Help!

2017-11-14 Thread Deanna Stevenson
Thanks a lot Yann for your input. Currently we are looking into alternative authentication methods. I am running this alongside modsecurity, and I wanted to post Osama Elnaggar's suggestion here, who was great enough to read my posts both here and modsecurity list to provide a suggestion. Might

Re: [users@httpd] Apache Reverse Proxy and NTLM Authentication Help!

2017-11-10 Thread Yann Ylavic
Deanna, On Fri, Nov 10, 2017 at 3:17 AM, Deanna Stevenson wrote: > Thanks Yann. I am on ubuntu 16.04 and apache 2.4.8, and looks like the MPM > module I have right now is "event", which seems to be default for modern > OSs. It seems like in 2.4 I can load different MPM

Re: [users@httpd] Apache Reverse Proxy and NTLM Authentication Help!

2017-11-09 Thread Deanna Stevenson
Thanks Yann. I am on ubuntu 16.04 and apache 2.4.8, and looks like the MPM module I have right now is "event", which seems to be default for modern OSs. It seems like in 2.4 I can load different MPM modules at run time, and don't have to recompile apache. Do you agree? If yes, can I switch back

Re: [users@httpd] Apache Reverse Proxy and NTLM Authentication Help!

2017-11-09 Thread Yann Ylavic
Hi Deanna, On Thu, Nov 9, 2017 at 6:24 PM, Deanna Stevenson wrote: > > After researching it turned out to be related with maintaining persistent > connections. For NTLM to work through a reverse proxy, client connections need to be associated with backend ones (1:1), that

Re: [users@httpd] Apache Reverse Proxy and NTLM Authentication Help!

2017-11-09 Thread Deanna Stevenson
Yes, its the backend server that is doing the authentication. I see 401 errors - Unauthorized: Access is denied due to invalid credentials Here are reference posts with similar problems, to give you some understanding of my problem. The last one has lot of details, and explains "Tying

Re: [users@httpd] Apache Reverse Proxy and NTLM Authentication Help!

2017-11-09 Thread Nick Kew
On Thu, 2017-11-09 at 10:24 -0700, Deanna Stevenson wrote: > The traffic seems to be proxied right as I get the authentication > popup window, but the window keeps popping up even after supplying > correct credentials. That's the backend that's authenticating, right? What does its log say? Do

[users@httpd] Apache Reverse Proxy and NTLM Authentication Help!

2017-11-09 Thread Deanna Stevenson
Hello, I am using apache 2.4.8 on a ubuntu 16.04 LTS. I am using apache as a reverse proxy. I have a website that is using NTLM authentication. The traffic seems to be proxied right as I get the authentication popup window, but the window keeps popping up even after supplying correct