# http.conf used for testing auth-test
ServerName 127.0.0.1
Listen 127.0.0.1:47524
DocumentRoot .
# The tests shut down apache with "graceful-stop", because that makes
# it close its listening socket right away. But it seems to sometimes
# result in apache never fully exiting. This fixes that.
GracefulShutdownTimeout 1
# Change this to "./error.log" if it's failing and you don't know why
ErrorLog /dev/null
LoadModule mpm_prefork_module @APACHE_MODULE_DIR@/mod_mpm_prefork.so
LoadModule alias_module @APACHE_MODULE_DIR@/mod_alias.so
LoadModule auth_basic_module @APACHE_MODULE_DIR@/mod_auth_basic.so
LoadModule auth_digest_module @APACHE_MODULE_DIR@/mod_auth_digest.so
LoadModule authn_core_module @APACHE_MODULE_DIR@/mod_authn_core.so
LoadModule authn_file_module @APACHE_MODULE_DIR@/mod_authn_file.so
LoadModule authz_core_module @APACHE_MODULE_DIR@/mod_authz_core.so
LoadModule authz_host_module @APACHE_MODULE_DIR@/mod_authz_host.so
LoadModule authz_user_module @APACHE_MODULE_DIR@/mod_authz_user.so
LoadModule dir_module @APACHE_MODULE_DIR@/mod_dir.so
LoadModule mime_module @APACHE_MODULE_DIR@/mod_mime.so
@IF_HAVE_PHP@LoadModule php7_module @APACHE_PHP_MODULE_DIR@/libphp7.so
LoadModule proxy_module @APACHE_MODULE_DIR@/mod_proxy.so
LoadModule proxy_http_module @APACHE_MODULE_DIR@/mod_proxy_http.so
LoadModule proxy_connect_module @APACHE_MODULE_DIR@/mod_proxy_connect.so
LoadModule ssl_module @APACHE_SSL_MODULE_DIR@/mod_ssl.so
@IF_HAVE_MOD_UNIXD@LoadModule unixd_module @APACHE_SSL_MODULE_DIR@/mod_unixd.so
DirectoryIndex index.txt
TypesConfig /dev/null
AddType application/x-httpd-php .php
Redirect permanent /redirected /index.txt
# Proxy #1: unauthenticated
Listen 127.0.0.1:47526
<VirtualHost 127.0.0.1:47526>
ProxyRequests On
AllowCONNECT 47525
# Deny proxying by default
<Proxy *>
Require all denied
</Proxy>
# Allow local http connections
<Proxy http://127.0.0.1*>
Require all granted
</Proxy>
# Allow CONNECT to local https port
<Proxy 127.0.0.1:47525>
Require all granted
</Proxy>
# Deny non-proxy requests
<Directory />
Require all denied
</Directory>
</VirtualHost>
# Proxy #2: authenticated
Listen 127.0.0.1:47527
<VirtualHost 127.0.0.1:47527>
ProxyRequests On
AllowCONNECT 47525
# Deny proxying by default
<Proxy *>
Require all denied
</Proxy>
# Allow local http connections with authentication
<Proxy http://127.0.0.1:47524*>
AuthType Basic
AuthName realm1
AuthUserFile ./htpasswd
Require valid-user
</Proxy>
# Allow CONNECT to local https port with authentication
<Proxy 127.0.0.1:47525>
AuthType Basic
AuthName realm1
AuthUserFile ./htpasswd
Require valid-user
</Proxy>
# Fail non-proxy requests
<Directory />
Require all denied
</Directory>
</VirtualHost>
# Proxy #3: unauthenticatable-to
Listen 127.0.0.1:47528
<VirtualHost 127.0.0.1:47528>
ProxyRequests On
AllowCONNECT 47525
# Deny proxying by default
<Proxy *>
Require all denied
</Proxy>
# Allow local http connections with authentication
<Proxy http://127.0.0.1:47524*>
AuthType Basic
AuthName realm1
AuthUserFile ./htpasswd
Require user no-such-user
</Proxy>
# Allow CONNECT to local https port with authentication
<Proxy 127.0.0.1:47525>
AuthType Basic
AuthName realm1
AuthUserFile ./htpasswd
Require user no-such-user
</Proxy>
# Fail non-proxy requests
<Directory />
Require all denied
</Directory>
</VirtualHost>
# SSL setup
<IfModule mod_ssl.c>
Listen 127.0.0.1:47525
<VirtualHost 127.0.0.1:47525>
SSLEngine on
SSLCertificateFile ./test-cert.pem
SSLCertificateKeyFile ./test-key.pem
</VirtualHost>
</IfModule>
# Basic auth tests
Alias /Basic/realm1/realm2/realm1 .
Alias /Basic/realm1/realm2 .
Alias /Basic/realm1/subdir .
Alias /Basic/realm1/not .
Alias /Basic/realm1 .
Alias /Basic/realm12/subdir .
Alias /Basic/realm12 .
Alias /Basic/realm2 .
Alias /Basic/realm3 .
Alias /Basic .
Alias /BasicRoot .
<Location /Basic/realm1>
AuthType Basic
AuthName realm1
AuthUserFile ./htpasswd
Require user user1
</Location>
<Location /Basic/realm1/not>
AuthType Basic
AuthName realm1
AuthUserFile ./htpasswd
Require user user2
</Location>
<Location /Basic/realm12>
AuthType Basic
AuthName realm12
AuthUserFile ./htpasswd
Require user user1 user2
</Location>
<Location /Basic/realm1/realm2>
AuthType Basic
AuthName realm2
AuthUserFile ./htpasswd
Require user user2
</Location>
<Location /Basic/realm1/realm2/realm1>
AuthType Basic
AuthName realm1
AuthUserFile ./htpasswd
Require user user1
</Location>
<Location /Basic/realm2>
AuthType Basic
AuthName realm2
AuthUserFile ./htpasswd
Require user user2
</Location>
<Location /Basic/realm3>
AuthType Basic
AuthName realm3
AuthUserFile ./htpasswd
Require user user3
</Location>
<Location /BasicRoot>
AuthType Basic
AuthName realm1
AuthUserFile ./htpasswd
Require user user1
</Location>
# Digest auth tests
Alias /Digest/realm1/realm2/realm1 .
Alias /Digest/realm1/realm2 .
Alias /Digest/realm1/subdir .
Alias /Digest/realm1/expire .
Alias /Digest/realm1/not .
Alias /Digest/realm1 .
Alias /Digest/realm2 .
Alias /Digest/realm3 .
Alias /Digest .
<Location /Digest/realm1>
AuthType Digest
AuthName realm1
AuthUserFile ./htdigest
AuthDigestDomain /Digest/realm1 /Digest/realm1/realm2/realm1
Require valid-user
</Location>
<Location /Digest/realm1/expire>
AuthType Digest
AuthName realm1
AuthUserFile ./htdigest
AuthDigestDomain /Digest/realm1 /Digest/realm1/realm2/realm1
AuthDigestNonceLifetime 2
Require valid-user
</Location>
<Location /Digest/realm1/not>
AuthType Digest
AuthName realm1
AuthUserFile ./htdigest
AuthDigestDomain /Digest/realm1 /Digest/realm1/realm2/realm1
Require user user2
</Location>
<Location /Digest/realm1/realm2>
AuthType Digest
AuthName realm2
AuthUserFile ./htdigest
AuthDigestDomain /Digest/realm2 /Digest/realm1/realm2
Require valid-user
</Location>
<Location /Digest/realm1/realm2/realm1>
AuthType Digest
AuthName realm1
AuthUserFile ./htdigest
AuthDigestDomain /Digest/realm1 /Digest/realm1/realm2/realm1
Require valid-user
</Location>
<Location /Digest/realm2>
AuthType Digest
AuthName realm2
AuthUserFile ./htdigest
AuthDigestDomain /Digest/realm2 /Digest/realm1/realm2
Require valid-user
</Location>
<Location /Digest/realm3>
AuthType Digest
AuthName realm3
AuthUserFile ./htdigest
AuthDigestDomain /Digest/realm3
Require valid-user
# test RFC2069-style Digest
AuthDigestQop none
</Location>