the other side of the firewall http://sahuguet.blogsome.com Just another WordPress weblog Sat, 31 Dec 2005 16:23:30 +0000 http://wordpress.org/?v=1.5.1-alpha en Forward proxy with masquerading http://sahuguet.blogsome.com/2005/08/17/forward-proxy-with-masquerading/ http://sahuguet.blogsome.com/2005/08/17/forward-proxy-with-masquerading/#comments Wed, 17 Aug 2005 01:23:51 +0000 Administrator Hacks Apache http://sahuguet.blogsome.com/2005/08/17/forward-proxy-with-masquerading/ I need to do a demo related to identity management.
I have installed some software on a machine and want to let other people get a feel of the “simplified sign-on” experience.

And to make things more real, I want to use real domain names.

A user would point his web client to www.meteo.fr and gets redirected to my server machine where the magic of SSO should happen.

There are many ways to masquerade an IP address. You can ask the user to change the way domain names get resolved: e.g. /etc/hosts on Un*x systems. lmhosts on Windows machines. But this requires some complicated changes.

A better way — since we are doing HTTP –, is to tell the user to use a proxy.
The proxy will route your masqueraded URLs to the right destination while leaving the rest of the trafic unchanged.

How do I do that? I have been struggking of a few days, looking at mod_proxy and mod_rewrite. Here is one way to do it:

NameVirtualHost *:8666
	
    # masquerade www.figaro.fr
<VirtualHost *:8666>
    ServerName www.figaro.fr
    ProxyPass / http://my.machine.com
    ProxyPassReverse /
</VirtualHost>
	
    # masquerade www.lemonde.fr
<VirtualHost *:8666>
    ServerName www.lemonde.fr
    ProxyPass / http://my.machine.com
    ProxyPassReverse / http://www.yahoo.fr/
</VirtualHost>
	
    # regular trafic
<VirtualHost *:8666>
    ProxyRequests On
</VirtualHost>
]]> http://sahuguet.blogsome.com/2005/08/17/forward-proxy-with-masquerading/feed/