<VirtualHost *:8000> #server#balancer-infomanager GUI via port 8000 <Location /balancer-manager> SetHandler balancer-manager </Location> #Req 4.b <Location "/server-info>info"> SetHandler server-info AuthType Digest AuthName "realm" AuthDigestDomain "/server-info" AuthDigestProvider file AuthUserFile /etc/httpd-auth/digest_passwords_file Require ipvalid-user </Location> # 172Req 4.31a, Req 4.b <Location "/server-status"> SetHandler server-status AuthType Digest AuthName "realm" AuthDigestDomain "/server-status" AuthDigestProvider file AuthUserFile /etc/httpd-auth/digest_passwords_file Require valid-user </Location> </VirtualHost> <VirtualHost *:8000> #server-info GUI via port 8000 <Location /server-info> SetHandler server-info Require ip 172.31 </Location> </VirtualHost> <VirtualHost *:8000> #balancer-manager GUI via port 8000 <Location /balancer-manager> SetHandler balancer-manager </Location> #Req 4.b <Location "/server-info"> SetHandler server-info AuthType Digest AuthName "realm" AuthDigestDomain "/server-info" AuthDigestProvider file AuthUserFile /etc/httpd-auth/digest_passwords_file Require valid-user </Location> # Req 4.a, Req 4.b <Location "/server-status"> SetHandler server-status AuthType Digest AuthName "realm" AuthDigestDomain "/server-status" AuthDigestProvider file AuthUserFile /etc/httpd-auth/digest_passwords_file Require valid-user </Location> </VirtualHost> It seems when digest authentication is enabled on the internal server, it fails when accessing from the load balancer. On worksa I have the following:
On worksa I have the following:
<VirtualHost *:8000> #server-info GUI via port 8000 <Location /server-info> SetHandler server-info Require ip 172.31 </Location> </VirtualHost> I've used chmod 0644 on index.html and it doesn't seem to help.
In summary, http://loadbalancer/a/server-info asks for credentials then returns 400 bad request, and http://loadbalancer/a/index.html returns 403 forbidden.
It seems when digest authentication is enabled on the internal server, it fails when accessing from the load balancer.
I've used chmod 0644 on index.html and it doesn't seem to help.
It seems when digest authentication is enabled, it fails when accessing from the load balancer. On worksa I have the following:
On worksa I have the following:
<VirtualHost *:8000> #server-info GUI via port 8000 <Location /server-info> SetHandler server-info Require ip 172.31 </Location> </VirtualHost> I've used chmod 0644 on index.html and it doesn't seem to help.
In summary, http://loadbalancer/a/server-info asks for credentials then returns 400 bad request, and http://loadbalancer/a/index.html returns 403 forbidden.
In my httpd.conf for the load balancer I have the following lines. #SERVER-INFO-ATTEMPT------- is where I have tried to implement my wishes.
<VirtualHost *:80> ProxyRequests off #Start Proxy balancer block and define cluster <Proxy balancer://thecluster> BalancerMember http://172.31.2719.155205:8080 BalancerMember http://172.31.2128.18585:8080 loadfactor=3 BalancerMember http://172.31.28.20149:8080 #weighted traffic byte count balancing ProxySet lbmethod=bytraffic nofailover=off </Proxy> #pass through any other proxy requests ProxyPass / balancer://thecluster/ ProxyPass /worksa/ http://172.31.2719.155205:8080 ProxyPass /worksb/ http://172.31.2128.18585:8080 ProxyPass /worksc/ http://172.31.28.20149:8080 #SERVER-INFO ATTEMPT------------------------ ProxyPass /a/ http://172.31.2719.155205:8000 ProxyPass /b/ http://172.31.2128.18585:8000 ProxyPass /c/ http://172.31.28.20149:8000 #pass through any other proxy requests #SERVERProxyPass INFO/ ATTEMPT-------------------------balancer://thecluster/ #route traffic back through the cluster and act as a load balancer, ensure headers generated from any workers are modified to point to the load balancer, masking the backend web servers #ProxyPassReverse / balancer://thecluster/ </VirtualHost> <VirtualHost *:8000> ProxyRequests off #balancer-manager GUI via port 800080 <Location /balancer-manager> SetHandler balancer-manager </Location> #don't pass requests to the BM through to the cluster ProxyPass /balancer-manager ! <Location "/~Alice"> AuthType Digest AuthName "private" AuthDigestDomain "/~Alice" AuthDigestProvider file AuthUserFile "/etc/httpd-auth/digest_passwords_file2" Require valid-user </Location> <Location "/~Bob"> AuthType Digest AuthName "private" AuthDigestDomain "/~Bob" AuthDigestProvider file AuthUserFile "/etc/httpd-auth/digest_passwords_file2" Require valid-user </Location> </VirtualHost> <VirtualHost *:8000> ProxyRequests off #server-info GUI via port 8000 <Location /server-info> SetHandler server-info </Location> #server-status GUI via port 8000 <Location /server-status> SetHandler server-status </Location> <<Location "/VirtualHost> server-info"> In my conf for each backend box I have the following:
Listen 8000 AuthType Digest <VirtualHost *:8000> AuthName "realm" AuthDigestDomain "/server-info" ProxyRequests off AuthDigestProvider file <Location AuthUserFile /serveretc/httpd-status>auth/digest_passwords_file SetHandlerRequire servervalid-statususer </Location> <Location "/server-status"> AuthType Digest AuthName "realm" AuthDigestDomain "/server-digeststatus" authentication config AuthDigestProvider file AuthUserFile /etc/httpd-auth/digest_passwords_file Require valid-user </Location> </VirtualHost> I get a 404 when trying http://loadbalancer/a/server-status. Again, accessing server-status directly through //ipofbox:8000/server-status works fine. I think the issue is that ProxyPass seems to be treating /a/ as a directory, I'm not sure. Any suggestions would be most welcome.
It seems when digest authentication is enabled on the internal server, it fails when accessing from the load balancer.
Secondly, when trying to access http://loadbalancer/worksa/index.html I get a 403 forbidden, the access log of worksa says as follows
(13)Permission denied: file permissions deny server access: /var/www/html/index.html. I've used chmod 0644 on index.html and it doesn't seem to help.
In my httpd.conf for the load balancer I have the following lines. #SERVER-INFO-ATTEMPT------- is where I have tried to implement my wishes.
<VirtualHost *:80> ProxyRequests off #Start Proxy balancer block and define cluster <Proxy balancer://thecluster> BalancerMember http://172.31.27.155:8080 BalancerMember http://172.31.21.185:8080 loadfactor=3 BalancerMember http://172.31.28.201:8080 #weighted traffic byte count balancing ProxySet lbmethod=bytraffic nofailover=off </Proxy> #pass through any other proxy requests ProxyPass / balancer://thecluster/ ProxyPass /worksa/ http://172.31.27.155:8080 ProxyPass /worksb/ http://172.31.21.185:8080 ProxyPass /worksc/ http://172.31.28.201:8080 #SERVER-INFO ATTEMPT------------------------ ProxyPass /a/ http://172.31.27.155:8000 ProxyPass /b/ http://172.31.21.185:8000 ProxyPass /c/ http://172.31.28.201:8000 #SERVER INFO ATTEMPT------------------------- #route traffic back through the cluster and act as a load balancer, ensure headers generated from any workers are modified to point to the load balancer, masking the backend web servers #ProxyPassReverse / balancer://thecluster/ </VirtualHost> <VirtualHost *:8000> ProxyRequests off #balancer-manager GUI via port 8000 <Location /balancer-manager> SetHandler balancer-manager </Location> #server-info GUI via port 8000 <Location /server-info> SetHandler server-info </Location> #server-status GUI via port 8000 <Location /server-status> SetHandler server-status </Location> </VirtualHost> In my conf for each backend box I have the following:
Listen 8000 <VirtualHost *:8000> ProxyRequests off <Location /server-status> SetHandler server-status </Location> --digest authentication config </VirtualHost> I get a 404 when trying http://loadbalancer/a/server-status. Again, accessing server-status directly through //ipofbox:8000/server-status works fine. I think the issue is that ProxyPass seems to be treating /a/ as a directory, I'm not sure. Any suggestions would be most welcome.
It seems when digest authentication is enabled on the internal server, it fails when accessing from the load balancer.
In my httpd.conf for the load balancer I have the following lines.
<VirtualHost *:80> ProxyRequests off #Start Proxy balancer block and define cluster <Proxy balancer://thecluster> BalancerMember http://172.31.19.205:8080 BalancerMember http://172.31.28.85:8080 loadfactor=3 BalancerMember http://172.31.28.49:8080 #weighted traffic byte count balancing ProxySet lbmethod=bytraffic nofailover=off </Proxy> ProxyPass /worksa http://172.31.19.205:8080 ProxyPass /worksb http://172.31.28.85:8080 ProxyPass /worksc http://172.31.28.49:8080 ProxyPass /a http://172.31.19.205:8000 ProxyPass /b http://172.31.28.85:8000 ProxyPass /c http://172.31.28.49:8000 #pass through any other proxy requests ProxyPass / balancer://thecluster/ #route traffic back through the cluster and act as a load balancer, ensure headers generated from any workers are modified to point to the load balancer, masking the backend web servers #ProxyPassReverse / balancer://thecluster/ #balancer-manager GUI via port 80 <Location /balancer-manager> SetHandler balancer-manager </Location> #don't pass requests to the BM through to the cluster ProxyPass /balancer-manager ! <Location "/~Alice"> AuthType Digest AuthName "private" AuthDigestDomain "/~Alice" AuthDigestProvider file AuthUserFile "/etc/httpd-auth/digest_passwords_file2" Require valid-user </Location> <Location "/~Bob"> AuthType Digest AuthName "private" AuthDigestDomain "/~Bob" AuthDigestProvider file AuthUserFile "/etc/httpd-auth/digest_passwords_file2" Require valid-user </Location> </VirtualHost> <VirtualHost *:8000> ProxyRequests off #server-info GUI via port 8000 <Location /server-info> SetHandler server-info </Location> #server-status GUI via port 8000 <Location /server-status> SetHandler server-status </Location> <Location "/server-info"> AuthType Digest AuthName "realm" AuthDigestDomain "/server-info" AuthDigestProvider file AuthUserFile /etc/httpd-auth/digest_passwords_file Require valid-user </Location> <Location "/server-status"> AuthType Digest AuthName "realm" AuthDigestDomain "/server-status" AuthDigestProvider file AuthUserFile /etc/httpd-auth/digest_passwords_file Require valid-user </Location> </VirtualHost> It seems when digest authentication is enabled on the internal server, it fails when accessing from the load balancer.
Secondly, when trying to access http://loadbalancer/worksa/index.html I get a 403 forbidden, the access log of worksa says as follows
(13)Permission denied: file permissions deny server access: /var/www/html/index.html. I've used chmod 0644 on index.html and it doesn't seem to help.