I'm trying to get couchpotato set up in a reverse proxy with apache 2.4.3 using mod_auth_form for authentication. The proxy is working fine, but the authentication is not working as expected.
When I browse to my password protected url I get a 401 status which I am over riding according to the inline login documentation for the mod_auth_form module. This redirects me to my login page and all this is working correctly. However, when I fill in my login form and submit it, I get a 405 error: The method POST is not allowed for the requested URL. This is returned by the couchpotato web server, which is Tornado I think. It seems that a method for a POST request has not been implemented in the couchpotato handler and that is why it is throwing a 405 error. My real question is why is this POST request ever making it to the couchpotato server? From the mod_auth_form documentation found at http://httpd.apache.org/docs/2.4/mod/mod_auth_form.html: "When the end user has filled in their login details, the form will make an HTTP POST request to the original password protected URL. mod_auth_form will intercept this POST request, and if HTML fields are found present for the username and password, the user will be logged in, and the original password protected URL will be returned to the user as a GET request." According to this it seems that the request going to the couchpotato server should be a GET request after the mod_auth_form has intercepted the POST from my login form. Here is the access log from apache: - - [27/Nov/2012:09:32:03 -0700] "GET /couchpotato/ HTTP/1.1" 401 1160 (The original request) - - [27/Nov/2012:09:32:03 -0700] "GET /css/style.css HTTP/1.1" 200 21959 (These are resources from the login page) - - [27/Nov/2012:09:32:03 -0700] "GET /javascript/functions.js HTTP/1.1" 200 386 (These are resources from the login page) - - [27/Nov/2012:09:32:11 -0700] "POST /couchpotato/ HTTP/1.1" 405 183 (This is after I submit the login form) Here is my virtual host config, Location /couchpotato/ being the one of interest: <VirtualHost *:80> ServerName myserver.com RedirectPermanent / https://myserver.com/ </VirtualHost> <VirtualHost *:443> ServerName myserver.com SSLEngine On SSLProxyEngine On RewriteEngine On SSLCertificateFile /usr/local/apache2/auth/apache.pem DocumentRoot /var/www RedirectMatch ^/sickbeard$ /sickbeard/ RedirectMatch ^/couchpotato$ /couchpotato/ SetEnv proxy-initial-not-pooled 1 SetEnv proxy-nokeepalive 1 SetEnv force-proxy-request-1.0 1 ProxyPreserveHost On <Directory /> Order deny,allow Allow from all AllowOverride None </Directory> <Location /rutorrent> Order deny,allow Allow from all AuthFormProvider file AuthType form AuthName "My Login" Session On SessionCookieName session path=/ require valid-user # This is the login page ErrorDocument 401 /login.html # This is the file containing users login data AuthUserFile /usr/local/apache2/auth/rutorrent_passwd </Location> <Location ~ "^/rutorrent/(conf|share)"> Order deny,allow Deny from all </Location> <Location ~ "/\\.svn"> Order deny,allow Deny from all </Location> <Location /sickbeard/> Order deny,allow Allow from all ProxyPass http://localhost:8081/sickbeard/ ProxyPassReverse http://localhost:8081/sickbeard/ AuthFormProvider file AuthType form AuthName "My Login" Session On SessionCookieName session path=/ require valid-user # This is the login page ErrorDocument 401 /login.html # This is the file containing users login data AuthUserFile /usr/local/apache2/auth/rutorrent_passwd </Location> <Location /couchpotato/> Order deny,allow Allow from all ProxyPass http://localhost:5050/couchpotato/ ProxyPassReverse http://localhost:5050/couchpotato/ AuthFormProvider file AuthType form AuthName "My Login" Session On SessionCookieName session path=/ require valid-user # This is the login page ErrorDocument 401 /login.html # This is the file containing users login data AuthUserFile /usr/local/apache2/auth/rutorrent_passwd </Location> <Location /public> Order deny,allow Allow from all </Location> </VirtualHost> And here is the login page html: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";> <html xmlns="http://www.w3.org/1999/xhtml";> <head> <meta content="yes" name="apple-mobile-web-app-capable" /> <meta content="text/html; charset=utf-8" http-equiv="Content-Type" /> <meta content="minimum-scale=1.0, width=device-width, maximum-scale=0.6667, user-scalable=no" name="viewport" /> <link href="//myserver.com/css/style.css" rel="stylesheet" media="screen" type="text/css" /> <script src="//myserver.com/javascript/functions.js" type="text/javascript"></script> <title>My Login</title> </head> <body> <div id="topbar"> <div id="title">My Login</div> </div> <div id="content"> <form method="post" action=""> <ul class="pageitem"> <li class="bigfield"><input placeholder="Name" name="httpd_username" type="text" /></li> <li class="bigfield"><input placeholder="Password" name="httpd_password" type="password" /></li> </ul> <ul class="pageitem"> <li class="button"> <input name="login" type="submit" value="Login" /> </li> </ul> </form> </div> <div id="footer"> </div> </body> </html>
