basin

Asked: 2015-11-10 00:16:45 +0800 CST2015-11-10 00:16:45 +0800 CST 2015-11-10 00:16:45 +0800 CST

haproxy anonymous frontend, authorized backend with NTLM

Need to provide an anonymous readonly access to an svn repository

AFAIK, haproxy cannot auth on backend by itself.

There's a working configuration for haproxy with basic auth. How to migrate it to NTLM? Main problem is we cannot simply add a static header because of the challenge-response mechanism.

frontend svn_f
  bind *:8000
  mode http
  default_backend svn_b
  acl valid_method method GET HEAD OPTIONS PROPFIND REPORT
  acl valid_path path_beg /svn/myrepo
  http-request deny unless valid_method valid_path

backend svn_b
  reqadd      Authorization:\ Basic\ xxxxxxxxxxxxxxxxxxxx
  server svn_server 192.168.2.1:443 ssl verify none

Maybe Apache can do this? Tried this, but it does not work:

SSLProxyEngine on
<VirtualHost *:8000>
KeepAlive on
ProxyPass / https://user:[email protected]/ connectiontimeout=5 timeout=30 keepalive=On
ProxyPassReverse / https://192.168.2.1/
</VirtualHost>

haproxy anonymous frontend, authorized backend with NTLM

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

haproxy anonymous frontend, authorized backend with NTLM

0 Answers