logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: wstunnel behind AuthType Basic
Author
gbr



Joined: 03 May 2022
Posts: 1

PostPosted: Wed 04 May '22 15:40    Post subject: wstunnel behind AuthType Basic Reply with quote

I run Apache as a reverse proxy to an app. Part of the reverse proxy connects to NoVNC which uses websockets to display the VNC screen.

If I do not use authorization (AuthType Basic), the reverse proxy works perfectly. As soon as I add authorization, the wstunnel fails.

This is my config file (ignore using port 80, this is still testing stuff):

Code:

<VirtualHost *:80>
#    ServerAdmin gbr@erlphase.com
#    ProxyRequests off
#    DocumentRoot /var/www
#    SSLProxyEngine on
    ProxyPreserveHost On

#    ServerName kvm4.erlphase.com


    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel error


    ProxyPass /display/ http://localhost:5800/
    ProxyPassReverse /display/ http://localhost:5800/

    ProxyPass /wiki_7 ws://127.0.0.1:5801/websockify retry=3
    ProxyPassReverse /wiki_7 ws://127.0.0.1:5801/websockify retry=3       

    ProxyPass /fileserver_6 ws://127.0.0.1:5803/websockify retry=3
    ProxyPassReverse /fileserver_6 ws://127.0.0.1:5803/websockify retry=3       

    ProxyPass /wpg-common-pc_14 ws://127.0.0.1:5809/websockify retry=3
    ProxyPassReverse /wpg-common-pc_14 ws://127.0.0.1:5809/websockify retry=3       

    ProxyPass / http://localhost:10000/
    ProxyPassReverse / http://localhost:10000/

    <Proxy *>
        Order deny,allow
        Allow from all
        AuthType Basic
        AuthName "Nexe Access"
        AuthUserFile /var/www/.htpasswd
        Require valid-user
    </Proxy>

</VirtualHost>


My app runs on port 10000 (localhost only).

Is there a known issue running a wstunnel behind authorization?

Thanks,
Gerald

ps: I have gotten around the issue by running a reverse proxy on another port that does all the noVNC websocket stuff, but I don't think that's very secure.
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7288
Location: Germany, Next to Hamburg

PostPosted: Thu 05 May '22 15:20    Post subject: Reply with quote

The first thing I see is that you mix old (2.2) and new (2.4) config.

Delete "Order deny,allow" and "Allow from all"
Back to top


Reply to topic   Topic: wstunnel behind AuthType Basic View previous topic :: View next topic
Post new topic   Forum Index -> Apache