Trying to configure a reverse proxy to allow external access to an
outlook
web access server. I am able to route traffic through the NGINX to the
OWA
server, present the web page, and place the username & pw into the form.
OWA rejects valid username/pwd’s with a: “Your session has timed
out…”
error.
Looking through my custom log files, somehow the session ID and the
expired
values are munged in the GET & POST process through the proxy. There
may be
a simple fix that I’m not able to find. Any suggestions will be
appreciated!
out…"
authentication which requires that each client’s end-to-end
connection to the backend be long-lived, and only used by that one
client (as the auth is done in the first few packets and not
repeated). I don’t know how you’d configure that in nginx.
I may be wrong about it, however. I’ve never tried Nginx in front of
OWA myself. This question comes up on the HAProxy list sometimes, and
it seems solvable by HAP users.
Jonathan
Much Appreciated Jonathan - it prompted me to take some different
testing
steps.
I pointed ngnix to a ‘test’ OWA back-end, which is a mirror of the prod
environment, less the rigid SSL certs. Authentication passed right on
through, everything was jive.
I’ll likely take a different route of trunking SSL to nginx, remove the
OWA
cert, then ipsec’ing the nginx server to the OWA server host-to-host.
a simple fix that I’m not able to find. Any suggestions will be
appreciated!
I have a vague recollection that OWA uses a nasty form of
authentication which requires that each client’s end-to-end
connection to the backend be long-lived, and only used by that one
client (as the auth is done in the first few packets and not
repeated). I don’t know how you’d configure that in nginx.
I may be wrong about it, however. I’ve never tried Nginx in front of
OWA myself. This question comes up on the HAProxy list sometimes, and
it seems solvable by HAP users.
Jonathan
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.