[SOLVED] Apache2.2 MOD_PROXY ProxPass with HTTP Authentication

samarudge · 12-24-2010, 02:19 PM

I have a server acting as a proxy to a couple of IP cameras on my local network. The IP cameras require HTTP-Authentication (Basic) but I want the outward facing Apache server to automatically log in without prompting the user for a login. My current configuration is

Code:

ProxyRequests Off
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>

    ProxyPass / http://username:password@ipcamera.lan/
    ProxyPassReverse / http://username:password@ipcamera.lan/

That works as a proxy but still asks for a HTTP Auth login. Can I get Apache to pass the login details to the IP cameras so users can just hit up the proxy and view the camera without having to log in?
-Sam

bathory · 12-24-2010, 06:24 PM

Hi,

You need to set username

assword as a base 64 encoded string in the request header.
Run:

Code:

echo username:password | mmencode

to get the base 64 username

assword.
Then use RequestHeader to set the authorization in the header according to the previous command output:

Code:

ProxyRequests Off
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>
    RequestHeader set Authorization "Basic <base64 username:password>"
    ProxyPass / http://ipcamera.lan/
    ProxyPassReverse / http://ipcamera.lan/

Note that you need to add/enable the mod_headers module in order for the above to work.

Regards

samarudge · 12-25-2010, 05:07 AM

Quote:

Originally Posted by bathory

Hi,

You need to set username

assword as a base 64 encoded string in the request header.
Run:

Code:

echo username:password | mmencode

to get the base 64 username

assword.
Then use RequestHeader to set the authorization in the header according to the previous command output:

Code:

ProxyRequests Off
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>
    RequestHeader set Authorization "Basic <base64 username:password>"
    ProxyPass / http://ipcamera.lan/
    ProxyPassReverse / http://ipcamera.lan/

Note that you need to add/enable the mod_headers module in order for the above to work.

Regards

Awesome thanks!

As a note I didn't have mmencode on my system so I used base64 instead

jnsunkersett · 06-27-2012, 06:51 AM

Hi,

I found this post, relevant to a google search; so this post ... please pardon me if I am revining a very very old thread.

Can someone please elaborate; link me to;
1. What is mmencode?
2. How is the authorization set in the RequestHeader

thank you
Jeevan

bathory · 06-27-2012, 08:53 AM

Hi,

1. mmencode is used to encode/decode a string to/from base64 format. The same can be done using the base64 command as OP did, mimencode etc.
2. Using mod_headers, you set the header RequestHeader to contain the Authorization "Basic" and the username/password pair encoded in base64. This is the format used by apache's mod_auth to access protected pages. You can take a look here for more details on http headers.

Regards