We have a server with apache set up as an authentication front end for a backend web service running on the same box.
The setup seemed to work at first, but we soon realised that apache was asking for authentication every time we clicked a link, went back or reloaded a page. We're now at a loss to resolve this.
Our apache2 virtual hosts file:
<VirtualHost *:80>
ServerName app.ourdomain.com
ErrorLog /var/log/apache2/graphiti-error.log
CustomLog /var/log/apache2/graphiti-access.log common
<Location "/">
require valid-user
order allow,deny
Allow from all
AuthType Basic
AuthName "Stats"
AuthBasicProvider file
AuthUserFile /etc/passwd_lp
</Location>
ProxyRequests off
ProxyPreserveHost on
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
</VirtualHost>
We're using Apache2 v2.2.22 on Ubuntu EC2 12.04
We have already tried; moving the Auth declarations into the <Proxy> block; setting ProxyRequests on; setting ProxyPreserveHost off.
Thanks
Best Answer
I have now solved this problem. It was nothing to do with Apache in the end (per se). Graphiti uses a JavaScript function to make HTTP requests to the Graphite service, which we had set up as a separate vhost, which also had Auth setup (some users prefer to use it directly).
So basically, no user/password were in the URL that graphite was using, and so every one triggered an Auth prompt. To fix it, we just needed to update our templates so that the URL generates with the
http://<user>:<password>@<host>syntax.