When using reverse proxy setup (Apache + Let's Encrypt SSL) and Mylar's Form Based Authentication the redirect following a successful login (and other authentication check based redirects that direct you to the login screen) forces the browser from HTTPS to HTTP.
Mylar redirects to the following location: http://[host]:[port][http_root] (example: http://127.0.0.1:8090/mylar)
Mylar should instead using a relative redirect as such: [http_root] (example: /mylar)
Compare the follow two screen shots of the HTTP Headers response between Mylar and Sonarr both with similar settings enabled for Reverse Proxy support:
Mylar
Sonarr
Sonarr's "location" header does not include the protocol/host/port.
Problem with Reverse Proxy + Form Based Authentication
-
- Posts: 5
- Joined: Mon Apr 08, 2019 3:25 pm
-
- Posts: 5
- Joined: Mon Apr 08, 2019 3:25 pm
Re: Problem with Reverse Proxy + Form Based Authentication
I think my issue is a duplicate (or at least related) of what was being reported here: https://github.com/evilhero/mylar/issues/2037
I do not think that Apache has a similar command as nginx "proxy_redirect http:// https://;" to fix the issue, but it does have a mod_headers module which allows you to essentially accomplish the same thing.
Adding the "Header edit Location" line fixed my issue. Hope this helps someone else.
I do not think that Apache has a similar command as nginx "proxy_redirect http:// https://;" to fix the issue, but it does have a mod_headers module which allows you to essentially accomplish the same thing.
Code: Select all
#Mylar
ProxyPass /mylar/ http://10.10.10.90:8090/mylar/
ProxyPassReverse /mylar/ http://10.10.10.90:8090/mylar/
#Remove Proto+Domain from Location Header
Header edit Location "(^http[s]?://)([a-zA-Z0-9\.\-]+)" ""