Basically my scenario is that I have an internal website that requires a SINGLE hard-coded username and password to access (and this can't be turned off, only changed). I am exposing this website through a reverse proxy for various reasons (hiding the port, simplifying url, simplifying NAT, etc).
However, what I would like to do is be able to use Apache to handle the authentication so that:
- I don't have to give out
singlepassword to everyone I can have multiple usernames and passwords using Apache's BasicAuth For internal users, I don't have to prompt for a password
EDIT: Second part about richer authentication has been moved to new question
Here's more or less what I have now:
<VirtualHost *:80> ServerName sub.domain.com ProxyPass / http://192.168.1.253:8080/endpoint ProxyPassReverse / http://192.168.1.253:8080/endpoint # The endpoint has a mandatory password that I want to avoid requiring users to type # I.e. something like this would be nice (but does not work) # ProxyPass / http://username:email@example.com:8080/endpoint # ProxyPassReverse / http://username:firstname.lastname@example.org:8080/endpoint # Also need to be able to require a password to access proxy for people outside local subnet # However these passwords will be controlled by Apache using BasicAuth, not the ProxyPass endpoint # Ideas? </VirtualHost>