基本上我的情况是,我有一个内部网站,需要一个单一的硬编码用户名和密码才能访问(这不能关闭,只有改变)。我出于各种原因(隐藏端口,简化网址,简化NAT等)通过反向代理公开此网站。
我现在拥有的:
<VirtualHost *:80>
ServerName sub.domain.com
ProxyPass / http://192.168.1.253:8080/endpoint
ProxyPassReverse / http://192.168.1.253:8080/endpoint
# The endpoint has a mandatory password that I want to avoid requiring users to type
# I.e. something like this would be nice (but does not work)
# ProxyPass / http://username:password@192.168.1.253:8080/endpoint
# ProxyPassReverse / http://username:password@192.168.1.253:8080/endpoint
# Also need to be able to require a password to access proxy for people outside local subnet
# However these passwords will be controlled by Apache using BasicAuth, not the ProxyPass endpoint
# Ideas?
</VirtualHost>
发布于 2018-03-02 13:30:28
在将任何请求传递到端点之前添加或覆盖Authorization标头。授权头可以是硬编码的,它只是字符串“username:password”的base-64编码(不带引号)。
如果尚未完成,请启用mod_headers模块。
RequestHeader set Authorization "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="
要有条件地执行此操作,请启用mod_setenvif,例如,在本地请求的情况下仍要求输入主密码:
SetEnvIf Remote_Addr "127\.0\.0\.1" localrequest
RequestHeader set Authorization "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" env=!localrequest
例
# ALL remote users ALWAYS authenticate against reverse proxy's
# /www/conf/passwords database
#
<Directory /var/web/pages/secure>
AuthBasicProvider /www/conf/passwords
AuthType Basic
AuthName "Protected Area"
Require valid-user
</Directory>
# reverse proxy authenticates against master server as:
# Aladdin:open sesame (Base64 encoded)
#
RequestHeader set Authorization "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="
发布于 2018-03-02 14:36:47
那么我用你的例子来指向两个使用apache proxypass的IP摄像机。当我使用语法user:password@camarafeliz3.compufiber.com并通过iphone访问时,我从safari(iphone navigator)获得了一条安全消息,因此我将该示例更改为与iPhone 4S以及iPhone 4S
<Location /camarafeliz1/ >
# usuario admin password 123456
ProxyPass http://192.168.0.39/
ProxyPassReverse http://192.168.0.39/
RequestHeader set Authorization "Basic YWRtaW46MTIzNDU2=="
</Location>
<Location /camarafeliz3/ >
# usuario admin password 123456
ProxyPass http://192.168.0.99/
ProxyPassReverse http://192.168.0.99/
RequestHeader set Authorization "Basic YWRtaW46MTIzNDU2=="
</Location>
iPhone 4s也停止了对安全的抱怨,因为链接中有用户和密码。
https://stackoverflow.com/questions/-100007492
复制相似问题