[PATCH] mod_auth_ntlm_winbind enabling reverse proxy mode

Michael Baltaks mbaltaks at gmail.com
Mon Jan 29 00:27:29 GMT 2007 

Hi,

I hope I've got the right list, I couldn't see anywhere else to submit this.

I just want to submit this very small patch (7 lines changed) for 
mod_auth_ntlm_winbind that enables reverse proxy mode in the apache module.

Thanks,
-Michael.
-------------- next part --------------
--- mod_auth_ntlm_winbind.c	2007-01-17 09:24:09.000000000 +1100
+++ mod_auth_ntlm_winbind-revproxy.c	2007-01-17 09:25:59.000000000 +1100
@@ -320,7 +320,7 @@
         line = apr_pstrcat(r->pool, NEGOTIATE_AUTH_NAME, " ",
                            negotiate_auth_line, NULL);
         apr_table_add(r->err_headers_out,
-                      r->proxyreq ? "Proxy-Authenticate" : "WWW-Authenticate",
+                      (PROXYREQ_PROXY == r->proxyreq) ? "Proxy-Authenticate" : "WWW-Authenticate",
                       line);
     }
 
@@ -328,7 +328,7 @@
 
     if (crec->ntlm_on) {
         apr_table_add(r->err_headers_out,
-                      r->proxyreq ? "Proxy-Authenticate" : "WWW-Authenticate",
+                      (PROXYREQ_PROXY == r->proxyreq) ? "Proxy-Authenticate" : "WWW-Authenticate",
                       NTLM_AUTH_NAME);
     }
 
@@ -340,7 +340,7 @@
                            "Basic realm=\"", crec->ntlm_basic_realm, "\"",
                            NULL);
         apr_table_add(r->err_headers_out,
-                      r->proxyreq ? "Proxy-Authenticate" : "WWW-Authenticate",
+                      (PROXYREQ_PROXY == r->proxyreq) ? "Proxy-Authenticate" : "WWW-Authenticate",
                       line);
     }
 
@@ -357,7 +357,7 @@
 get_auth_header(request_rec * r, ntlm_config_rec * crec, const char *auth_scheme)
 {
     const char *auth_line = apr_table_get(r->headers_in,
-                                          r->proxyreq ? "Proxy-Authorization"
+                                          (PROXYREQ_PROXY == r->proxyreq) ? "Proxy-Authorization"
                                           : "Authorization");
 
     if (!auth_line) {
@@ -412,7 +412,7 @@
     /* Read negotiate from ntlm_auth */
 
     apr_table_setn(r->err_headers_out,
-                  r->proxyreq ? "Proxy-Authenticate" : "WWW-Authenticate",
+                  (PROXYREQ_PROXY == r->proxyreq) ? "Proxy-Authenticate" : "WWW-Authenticate",
                   apr_psprintf(r->pool, "%s %s", auth_scheme, reply));
 
     /* This is to make sure that when receiving later messages
@@ -841,7 +841,7 @@
             if (!strcmp("*", childarg)) {
                 /* Send last leg (possible mutual authentication token) */
                 apr_table_setn(r->headers_out,
-                              r->proxyreq ? "Proxy-Authenticate" : "WWW-Authenticate",
+                              (PROXYREQ_PROXY == r->proxyreq) ? "Proxy-Authenticate" : "WWW-Authenticate",
                               apr_psprintf(r->pool, "%s %s", auth_type, childarg));
             }
 
@@ -946,7 +946,7 @@
                                                  &auth_ntlm_winbind_module);
     ntlm_connection_context_t *ctxt = get_connection_context( r->connection );
     const char *auth_line = apr_table_get(r->headers_in,
-                                          r->proxyreq ? "Proxy-Authorization"
+                                          (PROXYREQ_PROXY == r->proxyreq) ? "Proxy-Authorization"
                                           : "Authorization");
     const char *auth_line2;

More information about the samba-technical mailing list