如何在 Apache 反向代理后面使用 CouchDB?

tag-icon tag-icon apache-2.4 reverse-proxy couchdb
如何在 Apache 反向代理后面使用 CouchDB?

我刚刚在装有 apache 2.4.10 的 Debian 上从源代码安装了 CouchDB。

$ curl http://localhost:5984/                                                                                                    
{"couchdb":"Welcome","uuid":"76929f1fc6f1e2c01edcd5b712fff044","version":"1.6.1","vendor":{"version":"1.6.1","name":"The Apache Software Fou
ndation"}}

我想通过 https Apache 反向代理使用它:

<IfModule mod_ssl.c>
<VirtualHost _default_:443>
    ServerAdmin webmaster@localhost

    DocumentRoot /var/www
    <Directory /> 
        Options FollowSymLinks
        AllowOverride All
        SSLRequireSSL

    </Directory>

    #For using my owncloud and wiki without HTTP AUTH, and all the rest
    #with HTTP AUTH
    <LocationMatch "^/(?!owncloud|wiki)">
        AuthType Basic
        AuthName "Acces Restreint"
        AuthBasicProvider file
        AuthUserFile /home/...myfile
        Require valid-user      
        AllowOverride All
    </LocationMatch>

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

    #Here I try to configure my reverse proxy for accessing CouchDB through https://example.com/couchdb/
    <Location /couchdb>
        ProxyPass http://localhost:5984/ ttl=60
        ProxyPassReverse http://localhost:5984/
        ProxyPassReverseCookieDomain localhost example.com
        RequestHeader set Origin "http://localhost:5984"
        AllowOverride all

        AuthType Basic
        AuthName "Acces Restreint"
        AuthUserFile /home/...myfile
        Require valid-user      
    </Location>

    SSLProxyEngine On
    SSLEngine on
    SSLCertificateFile /..../file.pem




    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
        SSLOptions +StdEnvVars
    </Directory>


    BrowserMatch "MSIE [2-6]" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0
    # MSIE 7 and newer should be able to use keepalive
    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

</VirtualHost>
</IfModule>

但是当我尝试通过互联网连接到: https://example.com/couchdb

我得到以下结果:

{"error":"unauthorized","reason":"Name or password is incorrect."}

因此看起来 Couchdb 正在响应,但是为什么它需要授权而没有使用:

$curl http://localhost:5984/

有什么线索吗?

答案1

找到了!我必须取消设置授权标头:

我也必须改变 http://本地主机:5984/为了http://本地主机:5984

    <Location /couchdb> 
            ProxyPass http://localhost:5984 ttl=60
            ProxyPassReverse http://localhost:5984
            ProxyPassReverseCookieDomain localhost example.com
            RequestHeader set Origin "http://localhost:5984" 
            RequestHeader unset Authorization
            AllowOverride all 

            AuthType Basic 
            AuthName "Acces Restreint" 
            AuthUserFile /...
            Require valid-user 
    </Location>

相关内容