After a Reverse Proxy Server(RPS) running Apache authenticates the cookie from the external LDAP server
using the RPS ssl.conf configuration with mod_auth_pubtkt, is it a simple matter of specifying the
usual Apache ProxyPassReverse directive(s) to redirect to our application?
Can you combine both the toolkit "TKTAuthLoginURL" directives and the ProxyPassReverse in the same ssl.conf or httpd.conf file?
If doing so, how does Apache ssl.conf configuration know that the LDAP server authentication cookie was already
successfully applied before redirecting to our application using the ProxyPassReverse directive?
ssl.conf:
TKTAuthPublicKey /etc/httpd/conf/mod_auth_pubtkt-signKey-Client1.pub.pem
AuthType mod_auth_pubtkt
TKTAuthLoginURL https://my2FA.cloud.net/web/login/modauth_pubtkt.php?realm=POC
TKTAuthTimeoutURL https://my2FA.cloud.net/web/login/modauth_pubtkt.php?realm=POC&timeout=1
TKTAuthUnauthURL https://my2FA.cloud.net/web/login/modauth_pubtkt.php?realm=POC&unauth=1
TKTAuthRequireSSL on
AFAIK whatever version the apache server negotiates with the browser. The only thing that pubtkt does is setting the secure flag in the cookie.
Cheers,
Alex
--
---
You received this message because you are subscribed to the Google Groups "mod_auth_pubtkt users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mod_auth_pubtkt-...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.