enterprise-support team mailing list archive

[Steven Ellis <steven@xxxxxxxxxxxxxxx>]

Public bug reported:

Confirmed on Ubuntu 14.04.5 with apache2 2.4.18-2ubuntu3.8

No issues with apache2 2.4.18-2ubuntu3.5 or earlier.

I'm running a front end authenticated reverse proxy on Apache

The backend is my Trac server and authentication is failing with nonce
errors if I upgrade the version of Apache2.

Example error in the Apache2 logs when I attempt to authenticate

[Mon Sep 03 15:07:30.830824 2018] [auth_digest:error] [pid 2702] [client
192.168.0.8:50650] AH01776: invalid nonce
U6R61+50BQA=d41629bfef1e789345f8b147f08f5ad8c89ce973 received - hash is
not 72a2ca1b6c6a13fbcd6c0960e21af1a4d7fcbaf8, referer:
https://hello.not.here/site/timeline

The Apache configuration element for the login URL is as follows

    <LocationMatch "/[^/]+/login">
        AuthType Digest
        AuthName "Trac"
        AuthUserFile /var/www/htdigest
        Require valid-user
    </LocationMatch>

** Affects: apache2 (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to apache2 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1790430

Title:
  None issues with auth_digest when running behind an reverse proxy

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1790430/+subscriptions