How can I protect a Tomcat webapp that's reverse proxied in an Apache2 virtual host using basic authentication?

authentication apache-2.2 virtualhost reverse-proxy http-basic-authentication

Solution 1:

As you've discovered, the <Directory> blocks don't apply because you're serving content from a proxy server, not a local directory.

Try <Location> instead.

<Location />
    ProxyPass ajp://127.0.0.1:8010/
    ProxyPassReverse ajp://127.0.0.1:8010/
    AuthType Basic
    AuthName "something"
    AuthUserFile /path/to/htpasswd
    Require valid-user
</Location>

Related

Delegate log off privilege?
In Chef, how do I access attributes set in the environment JSON from cookbook attributes files?
time sync with ntpd
How to setup network interface to have eth0 as dhcp and eth0:1 as static ip?
"route add default -iface em1" in rc.conf on FreeBSD
Command line speed test
Bandwith usage from pcap files
SSD goes undetected/offline unless cold/hard booted
Why does my EC2 nameserver (correctly) resolve names to private IPs and then switches to public IPs?
Definition of Rejected and Failed in Support Cipher Suite
Virtualbox HTTP load testing, host CPU overload issues
Show each file's read/write rate in Linux (CentOS)