SeijiSensei,
I spent another 4h trying to implement your solution. It kind of works! I am now redirecting all traffic through my apache2 reverse proxy on the HTPC!! I set LogLevel debug and wrote some silly scripts (sed and grep) to show some stats on the currently logged in users.
Here are the issues I'm having:
1) If I try to set AuthType to Digest, AuthDigestFile is not a recognized option.
Code:
Invalid command 'AuthDigestFile', perhaps misspelled or defined by a module not included in the server configuration
From googling this, it appears it has been replaced by the usual AuthUserFile. However when I set AuthType to Digest and I use AuthUserFile pointing at the digest password file generated with htdigest, none of the passwords actually work: "authentication failure for "/": Password Mismatch". I of course used the same AuthName in proxy.conf as when running htdigest. I may just upgrade to SSL based authentication if I can get myself to spend yet more time on this.
2) I don't have a good server monitoring solution. Ideally I'd like to see who is logged in at any one time, and upon request, a history of logins (i.e. 'user XYZ was logged in from 1PM to 3:24PM today').
I found out about mod_status, and I turned it on as a test. It sort of works, but I wonder if there is something better.
3) Also I wonder if I have opened up any security holes, e.g. left open a forward proxy, etc. Here are the main config files:
Code:
$ cat /etc/apache2/mods-enabled/status.conf | grep -iv "#" | grep -iv "^$"
<IfModule mod_status.c>
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from localhost ip6-localhost 192.168.1.130 192.168.1.2 192.168.1.123 192.168.1.3
</Location>
</IfModule>
Code:
$ cat /etc/apache2/mods-enabled/proxy.conf | grep -iv "#"
<IfModule mod_proxy.c>
ProxyRequests Off
<Proxy *>
AddDefaultCharset off
Order allow,deny
Allow from all
AuthType Basic
AuthName "webcam"
AuthDigestProvider file
AuthUserFile /usr/local/apache2/passwords
AllowOverride none
Require valid-user
</Proxy>
ProxyPass /tv/ http://192.168.1.30:6666/
ProxyPassReverse /tv/ http://192.168.1.30:6666/
ProxyVia On
</IfModule>
Code:
$ cat /etc/apache2/httpd.conf | grep -iv "#" | grep -iv "^$"
ExtendedStatus On
Code:
$ ls /etc/apache2/mods-enabled/
alias.conf authz_host.load deflate.conf negotiation.conf setenvif.conf
alias.load authz_user.load deflate.load negotiation.load setenvif.load
auth_basic.load autoindex.conf dir.conf proxy.conf ssl.conf
auth_digest.load autoindex.load dir.load proxy_http.load ssl.load
authn_file.load cgid.conf env.load proxy.load status.conf
authz_default.load cgid.load mime.conf reqtimeout.conf status.load
authz_groupfile.load cgi.load mime.load reqtimeout.load
I tried to do as much work as I could on my own so that I would not harass you with newbie questions. At this point I've reached the limits of my networking knowledge (in fact I've gone far beyond them .
Bookmarks