Login issue with reverse proxy, preauth on proxy and chrome

breadcan · January 23, 2014, 12:28pm

I have a weird issue.
I setup nzbdrone exactly the same like couchpotato and sab behind apache ssl with authentication on apache:

Now when I try to access nzbdrone first I get a login, then I get a empty grey page with a login I can’t get through.
But this happens only with Chrome (I confirmed its the same in safe mode).
With IE 10 it’s all fine.
If I disable the login requirement in the apache config Chrome works.

Here is the apache log, first with IE working, second Chrome broken.

http://pastie.org/pastes/8660964/text?key=jvsxnvmyq0dldaxa9zk4a

The apache config:

<Location /nzbd>
    Order deny,allow
    Allow from all
    AuthType Basic
    AuthName "blafasel"
    AuthUserFile conf/.htpasswd
    require user user
    ProxyPass http://localhost:8989/nzbd
    ProxyPassReverse http://localhost:8989/nzbd
</Location>

Really hope someone understands the issue and can help, I’d really like to authenticate on the apache.

markus101 · January 23, 2014, 3:16pm

Looks like on Chrome its the API calls that are failing, for API calls the API replaces the Basic Auth in the Authorization Header, which works when drone is handling the basic authentication, but Apache is throwing out the request.

IE ignores our attempts to change the Authorization header, and keeps using basic auth (which is accepted in drone) and has the positive effect that apache is happy with the authentication.

I’ll take a look at migrating drone over to another Header key to avoid this situation: https://trello.com/c/U8D0aK2y/536-change-api-key-to-use-a-different-header

breadcan · January 27, 2014, 10:56am

The fix works fine, thanks for the fast response and solution.

system · December 5, 2015, 9:50am