# http.conf used for testing auth-test

ServerName 127.0.0.1
Listen 127.0.0.1:47524

PidFile ./httpd.pid
DocumentRoot .

# The tests shut down apache with "graceful-stop", because that makes
# it close its listening socket right away. But it seems to sometimes
# result in apache never fully exiting. This fixes that.
GracefulShutdownTimeout 1

# Change this to "./error.log" if it's failing and you don't know why
ErrorLog /dev/null

LoadModule alias_module         /mod_alias.so
LoadModule auth_basic_module    /mod_auth_basic.so
LoadModule auth_digest_module   /mod_auth_digest.so
LoadModule authn_file_module    /mod_authn_file.so
LoadModule authz_host_module    /mod_authz_host.so
LoadModule authz_user_module    /mod_authz_user.so
LoadModule dir_module           /mod_dir.so
LoadModule mime_module          /mod_mime.so
LoadModule php5_module          /
LoadModule proxy_module         /mod_proxy.so
LoadModule proxy_http_module    /mod_proxy_http.so
LoadModule proxy_connect_module /mod_proxy_connect.so
LoadModule ssl_module           /mod_ssl.so

DirectoryIndex index.txt
TypesConfig /dev/null
AddType application/x-httpd-php .php


# Proxy #1: unauthenticated
Listen 127.0.0.1:47526
<VirtualHost 127.0.0.1:47526>
  ProxyRequests On
  AllowCONNECT 47525

  # Deny proxying by default
  <Proxy *>
    Order Deny,Allow
    Deny from all
  </Proxy>

  # Allow local http connections
  <Proxy http://127.0.0.1:47524*>
    Order Allow,Deny
    Allow from all
  </Proxy>

  # Allow CONNECT to local https port
  <Proxy 127.0.0.1:47525>
    Order Allow,Deny
    Allow from all
  </Proxy>

  # Deny non-proxy requests
  <Directory />
    Order Deny,Allow
    Deny from all
  </Directory>
</VirtualHost>

# Proxy #2: authenticated
Listen 127.0.0.1:47527
<VirtualHost 127.0.0.1:47527>
  ProxyRequests On
  AllowCONNECT 47525

  # Deny proxying by default
  <Proxy *>
    Order Deny,Allow
    Deny from all
  </Proxy>

  # Allow local http connections with authentication
  <Proxy http://127.0.0.1:47524*>
    Order Allow,Deny
    Allow from all

    AuthType Basic
    AuthName realm1
    AuthUserFile ./htpasswd
    Require valid-user
  </Proxy>

  # Allow CONNECT to local https port with authentication
  <Proxy 127.0.0.1:47525>
    Order Allow,Deny
    Allow from all

    AuthType Basic
    AuthName realm1
    AuthUserFile ./htpasswd
    Require valid-user
  </Proxy>

  # Fail non-proxy requests
  <Directory />
    Order Deny,Allow
    Deny from all
  </Directory>
</VirtualHost>

# Proxy #3: unauthenticatable-to
Listen 127.0.0.1:47528
<VirtualHost 127.0.0.1:47528>
  ProxyRequests On
  AllowCONNECT 47525

  # Deny proxying by default
  <Proxy *>
    Order Deny,Allow
    Deny from all
  </Proxy>

  # Allow local http connections with authentication
  <Proxy http://127.0.0.1:47524*>
    Order Allow,Deny
    Allow from all

    AuthType Basic
    AuthName realm1
    AuthUserFile ./htpasswd
    Require user no-such-user
  </Proxy>

  # Allow CONNECT to local https port with authentication
  <Proxy 127.0.0.1:47525>
    Order Allow,Deny
    Allow from all

    AuthType Basic
    AuthName realm1
    AuthUserFile ./htpasswd
    Require user no-such-user
  </Proxy>

  # Fail non-proxy requests
  <Directory />
    Order Deny,Allow
    Deny from all
  </Directory>
</VirtualHost>


# SSL setup
<IfModule mod_ssl.c>
  Listen 127.0.0.1:47525

  <VirtualHost 127.0.0.1:47525>
    SSLEngine on

    SSLCertificateFile ./test-cert.pem
    SSLCertificateKeyFile ./test-key.pem

  </VirtualHost>
</IfModule>


# Basic auth tests
Alias /Basic/realm1/realm2/realm1 .
Alias /Basic/realm1/realm2 .
Alias /Basic/realm1/subdir .
Alias /Basic/realm1/not .
Alias /Basic/realm1 .
Alias /Basic/realm2 .
Alias /Basic/realm3 .
Alias /Basic .

<Location /Basic/realm1>
  AuthType Basic
  AuthName realm1
  AuthUserFile ./htpasswd
  Require user user1
</Location>

<Location /Basic/realm1/not>
  AuthType Basic
  AuthName realm1
  AuthUserFile ./htpasswd
  Require user user2
</Location>

<Location /Basic/realm1/realm2>
  AuthType Basic
  AuthName realm2
  AuthUserFile ./htpasswd
  Require user user2
</Location>

<Location /Basic/realm1/realm2/realm1>
  AuthType Basic
  AuthName realm1
  AuthUserFile ./htpasswd
  Require user user1
</Location>

<Location /Basic/realm2>
  AuthType Basic
  AuthName realm2
  AuthUserFile ./htpasswd
  Require user user2
</Location>

<Location /Basic/realm3>
  AuthType Basic
  AuthName realm3
  AuthUserFile ./htpasswd
  Require user user3
</Location>

# Digest auth tests
Alias /Digest/realm1/realm2/realm1 .
Alias /Digest/realm1/realm2 .
Alias /Digest/realm1/subdir .
Alias /Digest/realm1/not .
Alias /Digest/realm1 .
Alias /Digest/realm2 .
Alias /Digest/realm3 .
Alias /Digest .

<Location /Digest/realm1>
  AuthType Digest
  AuthName realm1
  AuthUserFile ./htdigest
  AuthDigestDomain /Digest/realm1 /Digest/realm1/realm2/realm1
  Require valid-user
</Location>

<Location /Digest/realm1/not>
  AuthType Digest
  AuthName realm1
  AuthUserFile ./htdigest
  AuthDigestDomain /Digest/realm1 /Digest/realm1/realm2/realm1
  Require user user2
</Location>

<Location /Digest/realm1/realm2>
  AuthType Digest
  AuthName realm2
  AuthUserFile ./htdigest
  AuthDigestDomain /Digest/realm2 /Digest/realm1/realm2
  Require valid-user
</Location>

<Location /Digest/realm1/realm2/realm1>
  AuthType Digest
  AuthName realm1
  AuthUserFile ./htdigest
  AuthDigestDomain /Digest/realm1 /Digest/realm1/realm2/realm1
  Require valid-user
</Location>

<Location /Digest/realm2>
  AuthType Digest
  AuthName realm2
  AuthUserFile ./htdigest
  AuthDigestDomain /Digest/realm2 /Digest/realm1/realm2
  Require valid-user
</Location>

<Location /Digest/realm3>
  AuthType Digest
  AuthName realm3
  AuthUserFile ./htdigest
  AuthDigestDomain /Digest/realm3
  Require valid-user
</Location>