Hi Apache users,
I'm running Apache 2.2.22 on Ubuntu server 12.04 as a reverse proxy to
some internal services, including Exchange/OWA 2003. I have setup a site
login page where users authenticate before they can access these
services. This works fine, but now I want to avoid users having to
authenticate a second time to access their OWA mailbox.
To do this I've setup a form which is pre-filled with the User ID,
password and some other details. This works if I post it directly to the
Exchange server, eg.
<form id="logonForm" name="logonForm" formtarget="_self"
action="https://ExchangeServer/exchweb/bin/auth/owaauth.dll"; method="post">
<input type="hidden" name="destination"
value="https://ExchangeServer/exchange"; />
But fails if I post via the reverse proxy, eg.
<form id="logonForm" name="logonForm" formtarget="_self"
action="/exchange/bin/auth/owaauth.dll" method="post">
<input type="hidden" name="destination" value="/exchange" />
The relevant section of the virtual host file is:
# OWA links
<Location /exchange>
ProxyPass https://ExchangeServer/exchange
ProxyPassReverse https://ExchangeServer/exchange
SSLRequireSSL
</Location>
<Location /exchweb>
ProxyPass https://ExchangeServer/exchweb
ProxyPassReverse https://ExchangeServer/exchweb
SSLRequireSSL
</Location>
The only error I receive is a "440 Login Timeout" from the Exchange
server. I suspect it may be a cookie issue but I'm not really sure. As I
said the form auto login works fine if I use the Exchange server
directly rather than through the reverse proxy so I think it is an issue
with my mod_rewrite config.
Any suggestions or advice would be much appreciated
