Why www-authenticate headers from multiple realms on my reverse proxy?

Why www-authenticate headers from multiple realms on my reverse proxy?

am 26.10.2004 05:25:34 von Stan Dyck

Apologies if this isn't the proper forum.

I'm trying to set up a reverse proxy in Apache 2.0.50. The reverse
proxy on server1 is supposed to deliver the contents of server2 to
user agents. I've set up my http.conf file like so:

ProxyPass /resource1/ http://server2/resource1/
ProxyPassReverse /resource1/ http://server2/resource1/


Order deny,allow
Allow from all
AuthType Basic
AuthName "Intranet"
AuthUserFile inet_passwd
Require user authuser


So I expect that when I try to access
http://server1/resource1/index.html from a user agent that cannot
access server2 directly, I should be challenged for authentication by
the "Intranet" realm. This indeed happens. But after entering the
proper password for the user "authuser", I get a 401 response and a
second WWW-Authenticate header for the realm "server2". Since server2
does not require authentication, I'm not sure where this is coming
from, but I am unable to authenticate with this second request.

I've tried:

1. Remove Auth* directives from the grouping.
Result: I'm able to access http://server1/resource1/index.html with no
authentication.

2. Changed the ProxyPass directive to point to another server with the
Auth* directives in.
Result: I'm able to access http://server1/resource1/index.html with
only one authentication challenge.

This suggests that server2 is generating the 401, but why would that
be the case? It is not set up to require authentication. I guess my
question is why am I getting this second authentication request? More
importantly, how can I make it stop?