Authentication via proxy server

philipsorst / angular-rest-springsecurity

An example AngularJS Application that uses a Spring Security protected Jersey REST backend based on Hibernate/JPA

Apache License 2.0

620 stars 367 forks source link

Authentication via proxy server #6

Closed hershs closed 10 years ago

hershs commented 10 years ago

The authentication don't want to work via http proxy. Looks like the proxy servers cut X-Auth-Token header. Can you take a look?

philipsorst commented 10 years ago

Are you talking about an Apache Reverse Proxy? Please be more specific

hershs commented 10 years ago

I'm talking about http proxy when you connect from browser to server via proxy, Like one of this: https://hidemyass.com/proxy-list/. Many corporate users don't have direct access to internet and use http proxy connect outside.

philipsorst commented 10 years ago

Strange, this must depend on the proxy. Anyway, I am going to provide a solution which uses a request parameter as an alternative. This is still safe when using https.

hershs commented 10 years ago

Yes, you are right. It works via https and proxy, but don't work via http and proxy.

hershs commented 10 years ago

Thank you! It works now with useAuthTokenHeader: false . Is it possible to send the token via cookie instead url param?