Apache Reverse Proxy - HTTP requests with a Cookie

We have an Apache Reverse Proxy which works fine (configuration below). Now we have the need to forward a few requests to another server (server3.domain.com) and check that a cookie named "LtpaToken" exists in user request. If the cookie is absent, the error page will return (we want to block anonymous requests).

I need to forward http(s)://server.domain.com/jsreports/* to JSReport's http(s) server VM ( server3.domain.com IP address) and check the LtpaToken if exists.

Can anybody give some hints how can it be implemented? Thank you!

        SSLEngine on
        SSLProxyEngine On
        SSLProxyVerify none
        SSLProxyCheckPeerCN off
        SSLProxyCheckPeerName off

ServerName server.domain.com
        ServerAlias server.com
        ProxyRequests Off
#   ProxyPreserveHost On
    
<Proxy balancer://my_cluster>
    BalancerMember https://server.domain.com keepalive=on
    BalancerMember https://server2.domain.com keepalive=on  status=+H
    AllowOverride None
    Order allow,deny
    allow from all
    
#   ProxySet lbmethod=byrequests
</Proxy>

 <Location /balancer-manager>
        SetHandler balancer-manager
        Order deny,allow
    Deny from all
        allow from 192.168.1
    allow from 5.5.20
    allow from 10.0.0
</Location>

    ProxyPass /balancer-manager !   
    ProxyPass / balancer://my_cluster/
    ProxyPassReverse / balancer://my_cluster/

Solution 1:

You can check the presence of the LtpaToken= string in the Cookie header, and serves the "/forbidden.html" page if it is not found.

RewriteEngine On
RewriteCond "%{HTTP:Cookie}" "!LtpaToken=" [NC]
RewriteRule ".*" "/forbidden.html" [R,P]

If you want to return a HTTP error (403), you can replace the last line with

RewriteRule ".*" - [F]